reportsantanderannualreport.com/2017/sites/default/files/... · 2019-02-20 · 176 executive...

174

Subcapítulo5. Risk management report

2015 ANNUAL REPORT

175

Subcapítulo5. Risk management report

2015 ANNUAL REPORT

5Risk Management Report

176 EXECUTIVE SUMMARY 180 A. PILLARS OF THE RISK FUNCTION 182 B. RISK CONTROL AND MANAGEMENT

MODEL - Advanced Risk Management 182 1. Map of risks 183 2. Risk governance 185 3. Management processes and tools 192 4. Risk culture - Risk Pro 194 C. BACKGROUND AND UPCOMING

CHALLENGES 199 D. RISK PROFILE

199 1. Credit risk 230 2. Trading market risk and

structural risks 250 3. Liquidity risk and funding 261 4. Operational risk 270 5. Compliance and conduct risk 277 6. Model risk 280 7. Strategic risk 281 8. Capital risk 290 APPENDIX: EDTF TRANSPARENCY

176

Executive summary5. Risk management report

2015 ANNUAL REPORT

Pillars of the risk function páginas de 180 a 181

On-going improvement in credit risk profile páginas de 199 a 229

Integration of the risks culture and involvement of senior management in risk decisions and management.

Management of all risks with a forward-looking and comprehensive vision at all levels of the organisation.

Separation of risk functions from business functions.

Formulation and monitoring of the risk appetite, use of scenario analysis with advanced models and metrics, establishing a control, reporting and escalation framework for identifying risks.

Best in class for processes and infrastructure.

Over 80% of risk relates to retail banking.

Significant geographic and sector diversification.

Continuing improvement in main credit quality indicators, which at December 2015 stood at:

• Group NPL ratio 4.36%, down 83 b.p. on the previous year, with noteworthy reductions in Spain, Poland, SCF and Brazil.

• Coverage ratio of 73%, up 6 p.p. on year-end 2014.

• Provisions of EUR 10,108 million, with main reductions in the UK, Spain, Portugal and Poland.

• Falling cost of credit, down to 1.25%. A fall of 41 b.p in Brazil to 4.50%, supported by the strategy of changing the mix and launch of the Defence Plan.

Grupo Santander is focused on building the future through forward-looking management of all risks, protecting the present through a robust control environment.

Executive summary

Customer credit risk by country%

Spain20%

Brazil8%

UK33%

Portugal4%

Chile4%

US11%

Other20%

Main figures

NPL and coverage ratio%

Cost of credit1

%

2014 20142015 2015

Net inflowsMillion euros

2014 2015 2014 2015

1. Cost of credit = loan-loss provisions twelve months / average lending.

67

739,652

1.43

4.91

1.06

4.50

0.62

7,7051.25

0.14 0.03

4.36

5.19

Brazil

NPL ratio

Coverage ratio

Spain

UK

177

Executive summary5. Risk management report

2015 ANNUAL REPORT

Regulatory capital pages 281 to 289Non-financial risks pages 261 to 276

Liquidity risk and funding pages 250 to 260

Trading market risk and structural risks pages 230 to 249

The average VaR on SGCB trading activity remained low, due to our focus on customer service and geographic diversification.

An appropriate balance sheet structure ensures that the impact of changes in interest rates on net interest income and equity value are contained.

Coverage levels for the core capital ratio stand at around 100% for changes in interest rates.

Santander has a comfortable liquidity position, based on its commercial strength and model of autonomous subsidiaries, and substantial customer deposits.

Compliance with regulatory requirements (LCR 146%) ahead of schedule, with a further increase in the Group’s liquidity reserve to EUR 258,000 million.

The loan-to-deposit ratio remains at very comfortable levels (116%).

More favourable market scenario, with abundant liquidity at lower costs and increased recourse to medium and long-term wholesale finance in 2015: 18 issuing units in 15 countries and 14 currencies.

The CET1 ratio stands at 10.05%, in line with the Group s outlook for organic growth, and above the ECB’s required level for 2016 of 9.75%.

Operational risk Transformation project for the advanced measurement approach to risk.

Fostering measures against cyber-risk (Santander Cyber-Security Program) and fraud and to bolster information security.

Fostering awareness and knowledge of operational risk at all levels of the organisation.

Compliance and conduct risk Increasing supervisory pressure, particularly for conduct. New scope for the definition of conduct, and new implications in the context of stress testing.

New customer protection supervisors in various countries.

Updating social and environmental policies, laying out the principles and criteria for action in financing to certain customer segments in the Group

MIN (8.2)

Jan

2013

Mar

20

13

May

20

13

Jul 2

013

Sep

2013

Nov

20

13

Jan

2014

Mar

20

14

May

20

14

Jul 2

014

Sep

2014

Nov

20

14

Jan

2015

Mar

20

15

May

20

15

Jul 2

015

Sep

2015

Nov

20

15

Dec

20

15

35

30

25

20

15

10

5

VaR 2013-2015: change over timeMillion euros. VaR at 99% confidence interval over a one day horizon

— VaR— 15-day moving average— 3-year average VaR

MAX (31.0)

Short-term liquidity coverage ratio (LCR )

Dec 14

120%

Dec 15

146%

CET1D´14*

CET1D´15

Non-recurring positive and

negative net results

Generation2015

9.65%

+0.50 10.15%

-0.10

10.05%

Evolution of fully loaded CET1 %

* The 2014 proforma figure includes January 2015 capital increase.

178

Navigation map5. Risk management report

2015 ANNUAL REPORT

This report contains extensive information on the risks faced by the Group, how it manages and controls these, and the way they affect its activity and results. The report also provides details of the actions taken by the entity to minimise the occurrence of such risks and mitigate their severity.

Following best practice in the market, the following navigation map helps to follow the main issues dealt with in this risk management report through the various documents the Group publishes:

the annual report, the audit report, the annual financial statements and the prudential relevance report (PRI or Pillar III). To further foster transparency, the PRI also includes a glossary of the basic risk terminology used in this section and the PRI itself.

The appendix at the end of the risk report includes a table detailing the location of the EDTF recommendations (EnhancedDisclosure Task Force, promoted by the Financial Stability Board) in the information published by Grupo Santander.

179

Navigation map5. Risk management report

2015 ANNUAL REPORT

Map for navigating Grupo Santader’s documents with risk management and control information

Annual Audit Report & IPR Block Points Report Annual accounts (Pillar III)

Risk function pillars Risk function pillars Page 180 Note 54.a Section 5Map of risks Page 182Risk governance Page 183

Lines of defence Page 183Risk committees structure Page 183Structural organisation of the risk function Page 184The Group’s relationship with subsidiaries in risk management Page 185

Risk control and Section 5Management processes and tools Page 185 Note 54.bmanagement modelRisk appetite and structure of limits Page 186Risk Identification Assessment (RIA) Page 188Analysis of scenarios Page 189Recovery and resolution plans Page 190Risk Data Agreggation and Risk Reporting Framework (RDA & RRF) Page 191

Risk culture Page 192Background and Background and upcoming challenges Page 194 Sections 2 and 5upcoming challenges

Introduction to the treatment of credit risk Page 199Main magnitudes and evolution (risk map, evolution, conciliation, Page 200geographic distribution and segmentation, management metrics)Detail of main markets: UK, Spain, Brazil Page 208Other risk credit risk optics (credit risk by activities in financial markets, Page 216 Note 54.cconcentration risk, country risk, sovereign risk and social and environmental risk) and other notes Credit risk Section 6Credit risk cycle (pre-sale, sale and post sale) Page 224 and related

informationRisk study and process of credit rating, and planning Page 224and setting of limits (analysis of scenarios)Decision on operations (mitigation techniques of credit risk) Page 226Monitoring, measurement and control Page 227Recovery management Page 228

Activities subject to market risk and types of market risk Page 230Trading market risks Page 232

Main magnitudes and evolution Page 232Methodologies Page 241

Note 54.dTrading market risk System for controlling limits Page 243 and other notes Section 8and structural risk Structural risk balance sheet Page 244 and related

informationMain magnitudes and evolution Page 244Methodologies Page 247System of control of limits Page 248

Pension and actuarial risks Page 248Introduction to the treatment of liquidity and funding risk Page 250Liquidity management (organisational model and governance, balance sheet analysis Note 54.e

Liquidity risk Page 250and measurement of liquidity risk, Management adapted to business needs) and other notes Section 9and funding and related

Financing strategy and evolution of liquidity in 2015 Page 254 informationFunding outlook for 2016 Page 260Definition and objectives. Page 261Risk management model and control of operational risk (management Note 54.f cycle, identification model, measurement and risk assessment, Page 261 and other notes Section 10Operational risk implementation of the model, reporting system) and related Evolution of the main metrics. Mitigation measures. Business continuity plan Page 265 information

Other aspects of control and monitoring of operational risk Page 268Mission, scope, definitions and purpose Page 270Compliance risk control and supervision Page 270Governance and the organisational model Page 271

Note 54.g Compliance and Regulatory compliance Page 272 and other notes Section 11conduct risk Governance of products and consumer protection Page 274 and related

informationAnti-money laundering and terrorist financing Page 275Reputational risk Page 275Regulatory risk assessment model and risk appetite and exercise Page 276

Model risk Model risk Page 277 Note 54.hStrategic risk Strategic risk Page 280 Note 54.i

Regulatory framework Page 282Note 54.j

Regulatory capital Page 283 and other notes Section 4Capital riskEconomic capital Page 286 and related

informationPlanning of capital and stress test exercices Page 287

Appendix: EDTF table of recommendations Page 290 Section 3EDTF transparency

180

Pillars of the risk function5. Risk management report

2015 ANNUAL REPORT

EXECUTIVE SUMMARYA. PILLARS OF THE RISK FUNCTIONB. RISK CONTROL AND MANAGEMENT MODEL - Advanced Risk ManagementC. BACKGROUND AND UPCOMING CHALLENGESD. RISK PROFILEAPPENDIX: EDTF TRANSPARENCY

A. Pillars of the risk function

Grupo Santander has set itself the target of achieving excellence in risk management. Throughout its 150 year history, risk management has always been a priority for the Group. In 2015, major progress has been made to anticipate and to meet the big challenges faced against a constantly shifting economic, social and regulatory background.

This means that the risk function is now more crucial than ever for Grupo Santander, as it enables it to be a solid, secure and sustainable bank.

Grupo Santander is focused on building the future through a forward-looking management of all risks, while safeguarding the present through a robust control environment. Thus, its policy is that the risks function is based on the following pillars, which are aligned

with the Santander Group’s strategy and business model, that take on board the recommendations of supervisory bodies, regulators and best market practices:

1. The business strategy is defined by the risk appetite. The board of Grupo Santander determines the quantity and type of risk it considers reasonable to assume in the execution of its business strategy and to create targets that are objective, comparable and consistent with the risk appetite for each key activity.

2. All risks have to be managed by the units which generate them using advanced models and tools and integrated in the different businesses. Grupo Santander is promoting advanced

181

Pillars of the risk function5. Risk management report

2015 ANNUAL REPORT

risk management using models and innovative metrics, and also a control, reporting and escalation framework in order to pinpoint and manage risks from different standpoints.

3. The forward-looking approach for all risk types must be part of the risk identification, assessment and management processes.

4. The independence of the risk function encompasses all risks and provides an appropriate separation between the risk generating units and units responsible for controlling these risks. It implies that the risk function should also have sufficient authority and direct access to management and governance bodies which are responsible for establishing and overseeing risk strategy and policies.

5. Risk management has to have the best processes and infrastructures. Grupo Santander aims to be a benchmark model in developing risk management support infrastructure and processes.

6. A risk culture which is integrated throughout the organisation, composed of a series of attitudes, values, skills and guidelines for action to cope with all risks. Grupo Santander believes that advanced risk management cannot be achieved without a strong and steadfast risk culture which is found in each and every one of its activities.

RISK APPETITE DRIVES

BUSINESS

Integration of risks within business

Forward looking approach for all risk types

Risk function Independence

Best-in-class risk infrastructure

GROUP-WIDE EMBEDDED RISK CULTURE

182

5. Risk management report2015 ANNUAL REPORT

Risk control and management model - Advanced Risk Management > Map of risks

EXECUTIVE SUMMARYA. PILLARS OF THE RISK FUNCTIONB. RISK CONTROL AND MANAGEMENT MODEL - Advanced Risk Management 1. Map of risks 2. Risk governance 3. Management processes and tools 4. Risk culture - Risk ProC. BACKGROUND AND UPCOMING CHALLENGESD. RISK PROFILEAPPENDIX: EDTF TRANSPARENCY

B. Risk control and management model - Advanced Risk ManagementThe model of managing and controlling risks ensures the risk profile is maintained within the levels set by the risk appetite and the other limits. It also incorporates the adoption of the necessary corrective and mitigation measures to maintain risk levels in line with the defined objectives.

In 2014, the Group launched the Advanced Risk Management (ARM) programme, which is mainly aimed at helping to the Group’s shift towards advanced management, laying down the foundations to have the best enterprise wide risk management model in the financial industry.

Through the roll-out of ARM in 2015 in all the Group units, progress has been made in strategic projects already under way such as the Risk Data Aggregation/Risk Reporting Framework (RDA/RRF), evolving the risk appetite, bolstering the control environment through governance of the risk function, and in developing new initiatives such as model risk management or Advanced Operational Risk Management (AORM), inter alia. The programme is also helping to reinforce the risk culture which is still one of the Group’s hallmarks.

The elements enabling adequate management and control of all these risks derived from Grupo Santander’s activity are set out below.

B.1. Map of risks

Identifying and evaluating all risks is a corner stone for controlling and managing risks. The risks map covers the main risk categories in which Grupo Santander has its most significant exposures, current and/or potential, facilitating this identification.

Credit risk

Model risk

Operational risk

Market risk

Reputational riskConduct risk

Liquidity risk

Strategic risk

Compliance and legal risk

Structural and capital risks

Financial risks Non-financial risks Transversal Risks

The first level includes the following risks

Financial risks• Credit risk: risk of loss derived from non-compliance with

contractual obligations agreed in financial transactions.

• Market risk: that incurred as a result of the possibility of changes in market factors that affect the value of positions in the trading book.

• Liquidity risk: risk of not complying with payment obligations on time or doing so with an excessive cost.

• Structural and capital risks: risk occasioned in the management of the various balance sheet items, including those concerning sufficient equity levels and those resulting from insurance and pension activities.

183


Risk control and management model - Advanced Risk Management > Risk governance

Non-financial risks• Operational risk: risk of losses resulting from inadequate or

failed processes, people and internal systems, or from external events.

• Conduct risk: risk caused by inadequate practices in the Bank’s relationships with its customers, the treatment and products offered and their adequacy for each specific customer.

• Compliance and legal risk: risk owing to the breach of the legal framework, norms or regulators’ and supervisors’ requirements.

Transversal risks• Model risk: consists of losses arising from decisions mainly

based on results of models, due to errors in the design, application or usage of such models.

• Reputational risk: risk of damages to the way the bank is perceived by public opinion, but its clients, investors or any other interested party.

• Strategic risk: risk that results are significantly removed from the entity’s strategy or business plan due to changes in the general rules of business and risks associated to strategic decisions. It includes the risk of badly implementing decisions or the lack of response capacity to changes in the business environment.

All risk should be referenced to the basic risk categories established in the Risk Map, in order to organise its management, control and related information.

B.2. Risk governance

In 2015, governance of the risk function was updated and reinforced, by including the best international practices, in order to strengthen the Group’s corporate governance. The responsibilities of the different committees have been defined more clearly, separating risk decision-making and management units which take part in business functions from those responsible for risk control.

The governance of the risk function should safeguard adequate and efficient decision-taking and the effective control of risks, and ensure that they are managed in accordance with the risk appetite defined by the Group’s Top Management and by the units, if applicable.

For this purpose, the following principles are established:

• Segregation between risk decision-taking and control.

• Stepping up the responsibility of risk generating functions in the decision making process.

• Ensuring that all risks decisions have a formal approval process.

• Ensuring an aggregate overview of all risk types.

• Bolstering the risk control committees.

• Maintaining a simple committees structure.

B.2.1. Lines of defence

Banco Santander’s management and control model is based on three lines of defence.

The business functions or activities that create exposure to a risk are the first line of defence. The acceptance or generation of risk in the first line of defence should be adjusted to appetite and the limits defined. In order to tend to this function, the first

line of defence must have the resources to identify, measure, manage and report the risks assumed.

The second line of defence consists of the risk control and oversight function and by the compliance function. This line vouches for effective control of the risks and ensures they are managed in accordance with the level of risk appetite defined.

Internal audit is the third line of defence and as the last layer of control in the Group regularly assesses the policies, methods and procedures to ensure they are adequate and are being implemented effectively.

There is a sufficient degree of segregation between the risk control function, the compliance function and the internal audit function, and also between them and other functions which control or supervise them, to ensure that their functions are performed and that they have access to the board of directors and/or its committees through their heads.

B.2.2. Risk committees structure

Ultimately, the board of directors is responsible for risk control and management, and, in particularly, for setting the risk appetite for the Group, and it can delegate its powers to committees. The board uses the risk supervision, regulation and compliance committee (Board Risk Committee, BRC), as an independent risk control and oversight committee. The executive committee of the Group also pays special attention to managing the Group’s risks.

184


Risk control and management model - Advanced Risk Management > Risk governance

The following bodies form the highest level of risk governance.

Bodies for independent control Board Risk Committee:The purpose of this committee is to assist the board in the sphere of risk supervision and control, define the Group’s risk policies, relations with the supervisory authorities and matters of regulation and compliance, sustainability and corporate governance.

It is made up of external non-executive directors (mostly independent ones) and is chaired by an independent director.

The functions of the board risk committee are:

• Support and advise the board in defining and assessing the risk policies that affect the Group and in determining the risk propensity and risk strategy.

• Provide assistance to the board for overseeing implementation of the risk strategy and its alignment with strategic commercial plans.

• Systematically review the exposures with the main clients, economic sectors, geographic areas and types of risk.

• Know about and assess management tools, ideas for improvement, the progress in projects and any other relevant activity relating to risk control over the course of time, including the internal risk model policy and its internal validation.

• Support and advise the board as regards supervisors and regulators in the various countries where the Group operates.

• Oversee compliance with the general code of conduct, of the anti-money laundering and combating terrorism financing manuals and procedures, and, in general, for the rules of governance and the Company’s compliance programme, and make proposals necessary for improvement. In particular, it is the committee’s responsibility to receive information and, where necessary, issue reports on the disciplinary measures for senior management.

• Supervise the Group’s policy and rules of governance and compliance and, in particular, adopt the actions and measures that results from the reports or the inspection measures of the administrative authorities of supervision and control.

• Monitor and assess the proposed regulations and regulatory developments that result from their implementation and the possible consequences for the Group.

Risk control committee (RCC):This collegiate body is responsible for the effective control of risks, ensuring they are managed in accordance with the level of risk appetite approved by the board, permanently adopting an all-inclusive overview of all the risks included in the general risk framework. This duty implies identifying and tracking both current and emerging risks, and gauging their impact on the Group’s risk profile.

This committee is chaired by the Group Chief Risk Officer (GCRO) of the Group and is made up of Bank senior management. The risk function, which chairs the committee, and the compliance, financial accounting and control and risk control are represented, at least. The

CROs of local entities will take part in the committee meetings on a regular basis in order to report on the risk profile of the different interiorised, as well as other tasks.

The risk control committee reports to the board risk committee and assists it in its function of supporting the board.

Decision making bodiesExecutive risk committee (ERC): This collegiate body is responsible for risk management, due to the powers assigned to it by the board of directors, and, within its field of action and decision making, it addresses all matters relating to risks.

It takes part in risk decision making at the highest level, ensuring that risk decisions are within the limits set out in the Group’s risk appetite, and it reports its activity to the board or its committees whenever it is required to do so.

This committee is chaired by an executive vice president of the board, and includes the chief executive officer, executive directors, and other directors of the entity. The risk function, financial function and compliance function, inter alia, are represented. The CRO of the Group has a right to veto the decisions taken by this committee.

B.2.3. Structural organisation of the risk function

The Group Chief Risk Officer (GCRO) is responsible for the risk function and reports to the Bank’s executive vice-chairman, who is a member of the board of directors and chairman of the executive risk committee.

The GCRO advises and challenges the executive line and also reports independently in the risk, regulatory and compliance committee and to the board.

Advanced risk management has a holistic and forward-looking approach to risks, based on intensive use of models, designed to build up a solid control environment while also complying with the regulator’s and supervisor’s requirements.

The risk management and control model is structured on the following pillars:

• Coordination of the relationship between the local units and the Corporation, assessing the effective deployment of the risk management and control framework in each unit and ensuring they are aligned to achieve strategic risk targets.

• Enterprise Wide Risk Management (EWRM) provides a consolidated oversight of all risks to the senior management and the Group’s governance bodies, and the development of the risk appetite and the risk identification and assessment exercise. It also develops risks relations with supervisors and regulators.

• Control of financial, non-financial and transversal risks (see the map of risks in section B.1. Map of risks), verifying that management and exposure by type of risk is in line with what senior management establishes.

185


Risk control and management model - Advanced Risk Management > Management processes and tools

• Development within the scope of risk of the policy, methodologies, scenario analyses, stress tests and data infrastructure, and robust risk governance.

B.2.4. The Group’s relationship with subsidiaries in risk management

Regarding the alignment of units with the corporationThe management and control model shares, in all the Group’s units, basic principles via corporate frameworks. These frameworks are established by the Group, and the local units adhere to them through their respective boards of directors, shaping the relations between the subsidiaries and the Group, including the role played by the latter in taking important decisions by validating them.

Over and above these principles and basics, each unit adapts its risk management to its local reality, in accordance with corporate frameworks and reference documents provided by the Corporation, so creating a recognisable risk management model in Grupo Santander.

One of the strengths of this model is the adoption of the best practices developed in each of the units and markets in which the Group operates. The corporate risk divisions act as centralisers and conveyors of these practices.

Furthermore, the Santander Group-Subsidiary Governance Model and good governance practices establishes regular interaction and functional reporting by each local CRO to the GCRO, and

B.3. Management processes and tools

also stipulates that the Group must take part in the process of appointing, setting targets, assessment and remuneration of those local CRO, all in order to ensure risks are adequately managed in the Group.

Regarding the structure of committeesThe Group-Subsidiaries Governance Model and good governance practices for subsidiaries recommends that each subsidiary should have a statutory risk committee and also an executive risk committee, chaired by the CEO, in keeping with the best corporate governance practices, and homogeneous to those already in place in the Group.

The governance bodies of the subsidiary entities are structured in accordance with the local regulatory and legal requirements and the dimension and complexity of each subsidiary, being coherent with those of the parent company, as established in the internal governance framework, thereby facilitating communication, reporting and effective control.

The administration bodies of the subsidiaries, in accordance with the internal governance framework established in the Group, will define their own model of risk powers (quantitative and qualitative). These local models of assigning powers must follow the principles contained in the reference models and frameworks developed at the corporate level.

Given its capacity of comprehensive (enterprise wide) and aggregated vision of all risks, the Corporation will exercise a role of validation and questioning of the operations and management policies in the various units, insofar as they affect the Group’s risk profile.

Risk identification and Recovery and Assessment (RIA) resolution plans

• More robust and systematic risk profile • Adaptation to new international assessment guidelines

• Approach based on:

- risk performance

- assessment of the control environment

- identification of potential risks

• New crisis management model

Risk Data Aggregation & Risk Reporting Framework (RDA/RRF) Analysis of scenarios

• Compliance with the principles • Make strategic planning more robust by of BCBS239* for effective risk data challenging the modelaggregation and risk reporting • Draw up improvement plans for

• Structural and operational processes and procedures, backed by improvements to enhance reporting of self-assessment exercisesall risks at all levels

* Basel Committee on Banking Supervision.

Risk appetite

• Significant improvement in metrics with the greatest granularity and inclusion of new capital, liquidity, and structural and operational risk metrics

• Significant extension of the risk appetite culture and governance

186



B.3.1. Risk appetite and structure of limits

Santander defines risk appetite as the amount and type of risks considered reasonable to assume for implementing its business strategy, so that the Group can maintain its ordinary activity in the event of unexpected circumstances. Severe scenarios are taken into account that could have a negative impact on the levels of capital, liquidity, profitability and/or the share price.

The board is responsible for annually setting and updating the risk appetite, monitoring the Bank’s risk profile and ensuring consistency between both of them. The risk appetite is set for the whole of the Group as well as for each of the main business units in accordance with a corporate methodology adapted to the circumstances of each unit/market. At the local level, the boards of the subsidiaries are responsible for approving the respective risk appetite proposals once they have been validated by the Group.

In the 2015 year, the risk appetite local implementation process was completed, and it was bolstered by all units signing up to the corporate risk appetite Framework. This framework sets out common requirements across the entire organisation in processes, metrics, governance bodies, controls and corporate standards for integration in risk appetite management, and it is also cascaded down in an effective and traceable way to management policies and limits.

In 2015, the Group also moved ahead in aligning strategic planning with risk appetite. The business plans for the next three years were approved while also analysing their consistency with local appetites and the Group appetite in all units. Likewise, crisis management plans in 2015 were directly linked to risk appetite metrics and limits.

The scope of the metrics has also been broadened, improving coverage of operational, liquidity and structural risk, and with a greater focus on losses and capital stress metrics.

In 2016, the Group will make further efforts towards ongoing improvement and deeper analysis of risk appetite within the Advanced Risk Management (ARM) programme. It will seek to reinforce the treatment of non-financial risks, defining specific plans for management and treatment of risk appetite, inter alia.

Banking business model and fundamentals of the risk appetiteThe definition and establishment of the risk appetite in Grupo Santander is consistent with its risk culture and banking business model from the risk perspective. The main elements that define this business model and which are behind the risk appetite are:

• A general medium-low and predictable risk profile based on a diversified business model, focused on retail and commercial banking and with an internationally diversified presence and with important market shares, and a wholesale banking business model that gives priority to relations with clients in the Group’s main markets.

• A stable and regular earnings and shareholder remuneration policy, underpinned by a sound base of capital and liquidity and an effective diversification strategy in terms of sources and terms.

• An organisational structure based on subsidiaries that are autonomous and self-sufficient in capital and liquidity, minimising the use of non-operational or shell companies, and ensuring that no subsidiary has a risk profile that jeopardises the Group’s solvency.

• An independent risk function with very active involvement of senior management that guarantees a strong risk culture focused on protecting and ensuring an adequate return on capital.

• A management model that ensures a global and inter-related view of all risks, through an environment of control and robust monitoring of risks, with global scope responsibilities: all risk, all businesses, all countries.

• Focus in the business model on those products that the Group knows sufficiently well and has the management capacity (systems, processes and resources).

• The development of its activity on the basis of a conduct model that oversees the interests of clients and shareholders.

• Adequate and sufficient availability of staff, systems and the tools that guarantee maintaining a risk profile compatible with the established risk appetite, both at the global and local levels.

• A remuneration policy that has the necessary incentives to ensure that the individual interests of employees and executives are aligned with the corporate framework of risk appetite and that these are consistent with the evolution of the Bank’s long-term results.

Corporate risk appetite principlesThe following principles govern Grupo Santander’s risk appetite in all its units:

• Responsibility of the board and of senior management. The board is the maximum body responsible for setting the risk appetite and supporting regulations, as well as supervising compliance.

• Enterprise Wide Risk, backtesting and questioning risk profile. The risk appetite must consider all significant risks to which the Bank is exposed, facilitating an aggregate vision of the risk profile through the use of quantitative metrics and qualitative indicators. This enables the board and senior management to question and assimilate the current risk profile and that envisaged in business and strategic plans and its coherence with the maximum risk limits.

• Forward-looking view. The risk appetite must consider the desirable risk profile for the current moment as well as in the medium term, taking into account both the most probable circumstances as well as stress scenarios.

• Linkage with strategic and business plans, and integration in management. The risk appetite is a benchmark in strategic and business planning and is integrated into management through a bottom-up and top-down focus:

187



• top-down vision: the board must lead the setting of the risk appetite, vouching for the disaggregation, distribution and transfer of the aggregated limits to the management limits set at the portfolio level, unit or business line.

• bottom-up vision: the risk appetite must emanate from the board’s effective interaction with senior management, the risk function and those responsible for the business lines and units. The risk profile contrasted with the risk appetite limits will be determined by aggregation of the measurements at the portfolio, unit and business line level.

• Coherence in the risk appetite of the various units and common risk language throughout the organisation. The risk appetite of each unit of the Group must be coherent with that defined in the remaining units and that defined for the Group as a whole.

• Regular review, continuous backtesting and adapting to the best practices and regulatory requirements. Assessing the risk profile and backtesting it against the limits set for the risk appetite must be an iterative process. Adequate mechanisms must be established for monitoring and control that ensure the risk profile is maintained within the levels set, as well as taking corrective and mitigating measures that are necessary in the event of non-compliance.

Limits structure, monitoring and controlThe risk appetite is formulated every year and includes a series of metrics and limits on these metric (statements) which express in quantitative and qualitative terms the maximum risk exposure that each unit of the Group or the Group as a whole is prepared to assume.

Fulfilling the risk appetite limits is continuously monitored. The specialised control functions report at least every quarter to the board and its risk committee on the adequacy of the risk profile with the risk appetite authorised.

The excesses and non-compliance with the risk appetite are reported by the risk control function to the relevant governance bodies. The presentation is accompanied by an analysis of the causes that provoke it, an estimation of the time they will remain this way as well as the proposed actions to correct the excess when the corresponding governance body deems it opportune.

Linkage of the risk appetite limits with the limits used to manage the business units and portfolios is a key element for making the risk appetite an effective risk management tool.

The management policies and structure of the limits used to manage the different types and categories of risk, which are described in greater detail in sections D.1.5.2. Planning (Strategic Commercial Plan), D.2.2.3. and D.2.3.3. Systems for controlling limits in this Report, have a direct and traceable relation with the principles and limits defined in the risk appetite.

In this way, the changes in the risk appetite are transferred to changes in the limits and controls used in Santander’s risk management and each one of the business and risk areas is responsible for verifying that the limits and controls used in their daily management are set in such a way that they cannot fail to comply with the risk appetite limits. The risk control and supervision function will then validate this assessment, ensuring the adequacy of the management limits to the risk appetite.

Pillars of the risk appetiteThe risk appetite is expressed via limits on quantitative metrics and qualitative indicators that measure the exposure or risk profile by type of risk, portfolio, segment and business line, both in current and stressed conditions. These metrics and risk appetite limits are articulated in five large areas that define the positioning that Santander’s senior management wants to adopt or maintain in the development of its business model:

• The volatility in the income statement that the Group is willing to accept.

• The solvency position that the Group wants to maintain.

• The minimum liquidity position that the Group wants to have.

• The maximum levels of concentration that the Group considers reasonable to admit.

• Qualitative aspects and supplementary metrics.

Core areas of appetite and key metrics

Volatility of results Solvency Liquidity Concentration

Complementary aspects

•

•

•

Maximum loss the Group is prepared to accept under a scenario of acute tensionMaximum technological and operational risk (RTO)Sensitivity of net interest margin to changes in interest rates

•

•

The minimum capital position the Group is prepared to accept under a scenario of acute tensionImpact in CET1 ratios in specific tension exercises for its main types of risks

•

•

Minimum structural liquidity positionMinimum liquidity horizon position that the Group is prepared to accept under a scenario of acute tension

•

• •

• •

Concentration by individual customerConcentration by top-NConcentration in non-investment grade counterpartiesSector concentrationConcentration in high-volatility portfolios

•

•

Qualitative operational risk indicators:• Fraud• Technological• Cyber risk and security• Litigation• Other... Qualitative restrictions

188



Volatility of resultsIts object is to limit the potential negative volatility of the results projected in the strategic and business plan in the event of stress conditions.

This axis contains metrics which measure the behaviour and evolution of real or potential losses in the business.

Stress tests included at this level measure the maximum level in the fall in results, under adverse conditions, in the main types of risk to which the Bank is exposed, with a feasible probability of occurring and similar by risk type (so that they can be aggregated).

SolvencyThe object of this axis is to ensure that risk appetite adequately considers the maintenance and upkeep of the entity’s equity, keeping capital higher than the levels marked by regulatory requirements and market demand.

Its purpose is to determine the minimum level of capital which the entity considers it needs to maintain to cope with potential losses under both normal and stressed conditions and arising from its activity and from its business and strategic plans.

This capital focus included in the risk appetite framework is supplementary and consistent with the Group’s capital objective approved within the capital planning process implemented in the Group and which extends to a period of three years (further details are provided in chapter D.8 Capital risk of this report and the Prudential Relevance Report -Pillar III-).

Liquidity positionGrupo Santander has developed a funding model based on autonomous subsidiaries that are responsible for covering their own liquidity needs. On this basis, liquidity management is conducted by each subsidiary within a corporate framework of management that develops its basic principles (decentralisation, equilibrium in the medium and long term of sources-applications, high weight of customer deposits, diversification of wholesale sources, reduced recourse to short-term funds, sufficient reserve of liquidity) and revolves around three main pillars (governance model, balance sheet analysis and measurement of liquidity risk, with management adapted to business needs). D.3 Liquidity risk and funding of this Report has more information on the corporate framework Liquidity risk and funding of this Report.

Santander’s liquidity risk appetite establishes demanding objectives of position and time frames for systemic stress scenarios (local and global) and idiosyncratic. In addition, a limit is set on a structural funding ratio that relates customer deposits, equity and medium and long term issues to structural funding needs.

ConcentrationSantander wants to maintain a widely diversified risk profile from the standpoint of its exposure to large risks, certain markets and specific products. In the first instance, this is achieved by virtue of Santander’s retail and commercial banking focus with a high degree of international diversification.

This level includes individual maximum exposure limits with customers, aggregated maximum exposure with major counterparties, maximum exposure by activity sectors, in Commercial Real Estate and in portfolios with a high risk profile. Customers with an internal rating lower than investment grade or equivalent or which are in excess of a certain degree of exposure are also monitored.

Qualitative aspects and other complementary metricsThis seeks to delimit risk exposures in a complementary way to the previous pillars.

Risk limits expressed both qualitatively (for example, the ban on operating with complex market products) as well as expressed in other quantitative metrics (for example, operational risk indicators) are studied so that relevant risks not considered in the other categories can be controlled. A qualitative indicator on the state of management is incorporated in operational risk, based on the results of indicators on other issues including governance and management, budgetary compliance, quality of the data bases of events, and corporate self-assessment questionnaires on the control environment. An indicator of compliance and reputational risk is also incorporated from an assessment matrix created for the purpose.

B.3.2. Risk identification and assessment (RIA)

Banco Santander, as part of its routine management, identifies and assesses the risks to which it is exposed in the countries in which it operates, and which are inherent in its activity.

In late 2014 the Group launched a corporate Risk identification & assessment exercise with the aim of making the Group’s risk profile assessment more robust and systematic. In 2015, the risk profile of the Group, its units and the most important risk types have been assessed, and a high degree of correlation was obtained between the sensitivity to risk factor results in the Risk identification and assessment (RIA) exercise and the corporate ICAAP stress scenarios.

The Group has also made headway in the methodological development of the corporate Risk Identification and Assessment exercise, underlining the importance of the identification and assessment of potential risk factors for the Group, greater stringency in assessing the control environment, extending the scope of the exercise and a more robust link with generating idiosyncratic scenarios in capital planning.

Risk identification & assessment is one of the initiatives which form part of the ARM (Advanced Risk Management) programme which pursues the goal of advanced risk management in order to ensure Santander is a solid and sustainable bank in the long term.

It also complies with regulatory requirements concerning a more in-depth understanding of the Group’s risk profile and the importance attached to pinpointing, assessing and evaluating the entity’s top risks, the associated control environment and any potential factors which could jeopardise the success of the Group’s strategic plan.

189



According to the methodology used in the RIA exercise, three factors are taken into account in determining the Group’s risk profile:

Top risks Control

environment

Risk performance

Assessment of risk profile

• Risk performance, indicating the profile by risk type and business activity.

• Control environment to objectively establish a self-assessment regarding the effectiveness of risk management and control in accordance with pre-established targets and a defined control model.

• Top Risks to identify the material risks which could jeopardise strategic and business targets, and setting up action plans, which are then monitored.

One of the most important points for the RIA exercise is to develop a methodology to identify current material risks which senior management considers to be an area of attention. Such risks are considered to be risks which could alone, or in combination with other risks, have a significant impact on the Bank’s results, on its financial position and its capacity to maintain appropriate capital levels.

It is also used to identify what are known as emerging risks, in other words risks which could potentially have an adverse impact on the Group’s future performance, although their result and horizontal time frame are uncertain and difficult to predict (for further details see section ‘Emerging risks’ from chapter C. Background and upcoming challenges).

Looking towards 2016, the Group has its sights set on reinforcing the identification and assessment exercise, including all risks and extending the scope to all entities in which the Group has a presence.

B.3.3. Analysis of scenarios

Banco Santander conducts advanced management of risks by analysing the impact that different scenarios could provoke on the environment in which the Bank operates. These scenarios are expressed both in terms of macroeconomic variables as well as other variables that affect management.

Analysis of scenarios is a very useful tool for senior management as it enables the Bank’s resistance to stressed environments or scenarios to be tested, as well as put into effect measures to reduce the Bank’s risk profile to these scenarios. The objective is to maximise the stability of the income statement and the levels of capital and liquidity.

This forward looking vision has helped Santander to remain among the select group of international banks that throughout the crisis generated profits and maintained its dividend policy.

The robustness and consistency of the exercises of scenario analysis are based on three pillars:

• Developing mathematical models that estimate the future evolution of metrics (for example, credit losses), based on both historic information (internal of the Bank and external of the market), as well as simulation models.

• Including the expert judgement and know-how of portfolios, questioning and backtesting the result of the models.

• The backtesting of the result of the models against the observed data, ensuring that the results are adequate.

Uses of analysis of scenarios• Regulatory uses: scenario stress tests are performed using the

guidelines set by the European regulator or each one of the national regulators who oversee the Bank’s activity.

• Internal exercises of self-assessment of capital (ICAAP) or liquidity (ILAAP) in which while the regulator can impose certain requirements, the Bank develops its own methodology to assess its capital and liquidity levels in the face of different stress scenarios. These tools enable capital and liquidity management to be planned.

• Risk appetite. Contains stressed metrics on which maximum levels of losses (or minimum of liquidity) are established that the Bank does not want to exceed. These exercises are related to capital and liquidity exercises, although they have different frequencies and present different granularity levels. The Bank continues to work to improve the use of analysis of scenarios in risk appetite and ensure an adequate relation of these metrics with those used in daily risk management. For more detail see sections B.3.1. Risk appetite and structure of limits and D.3. Liquidity risk and funding of this Report.

• Daily risk management. Analysis of scenarios is used in processes for budgeting processes and strategic planning, in the generation of commercial policies of risk admission, in the global analysis of risks by senior management or in specific analysis on the profile of activities or portfolios. Further details are provided in the sections on credit risk (section D.1.5.2. Planning (Strategic commercial plan), market risk (D.2.2.1.6. and D.2.2.2.3. Analysis of scenarios) and liquidity risk (D.3.2.2. Balance sheet analysis and measurement of liquidity risk).

190



Scenario analysis project in the Advanced Risk Management programmeThe scenario analysis project has been added to the other initiatives which form part of the Advanced Risk Management (ARM) programme, with the aim of improving management through metrics and advanced models. This project is divided into four core areas:

• Tool for analysing scenarios: installation of an advanced tool for estimating losses with greater soundness and computerisation of information handling, with the capacity to aggregate various types of risk and with an environment of multi user execution.

• Governance: review of the framework of governance of the exercises of scenario analysis in order to adjust to their growing importance, greater regulatory pressure and best market practices.

• Methodology: preparing plans to develop statistical stress models which have sufficient precision and granularity to meet requirements, not only of current regulation and supervision, but also to improve predictive risk capacity in accordance with advanced management.

• Processes and procedures: continuous self-assessment exercises and improvement plans to evolve processes in the context of advanced scenario analysis management.

B.3.4. Recovery and resolution plans

In 2015, the Bank prepared the sixth version of its corporate recovery plan, the most important part of which envisages the measures available to emerge on its own from a very severe crisis. This plan was initially prepared at the behest of the European Central Bank, which has become the main supervisor of Grupo Santander (mandate assigned under the Single Supervisory Mechanism, which came into force on 4 November, 2014), on the basis of regulations applicable in the European Union1. The Plan also considers the non-binding recommendations made in this area by international bodies such as the Financial Stability Board - FSB2).

As with the previous versions from 2010 to 2014, the Group presented the plan to the relevant authorities (for the first time, to the ECB in December, unlike in other years when it was submitted to the Bank of Spain) for it to be assessed in the first half of 2016.

This plan comprises of the corporate plan (covering to Banco Santander) and the individual plans for the main local units (United Kingdom, Brazil, Mexico, US, Germany, Argentina, Chile, Poland and Portugal), thereby meeting the commitment made by the Bank with the authorities in 2010. It is important to note the cases of the countries referred to above belonging to the European Union, where, apart from the fact that they are mandatory as the form part of the

corporate plan, they also need to be completely developed due to regulatory initiatives arising from the transposition of Directive 2014/59/EU (European Union Crisis Management Directive) to their local legislations.

During 2015 , the Group has adapted the plan structure and content to the new international guidelines, taking advantage to introduce improvements concerning potential crisis situation in the governance chapters (these improvements largely concern the indicators structure and the general crisis situation governance) and in strategic analysis.

The Group’s senior management is fully involved in preparing and regularly monitoring the content of the plans, through specific committees of a technical nature, as well as monitoring at the institutional level which guarantee that the content and structure of the documents are adapted to local and international regulations in crisis management, which have been in continuous development for the last years.

The board of directors is responsible for approving the corporate plan, once the plan’s content and data have been previously submitted and discussed in the bank’s main management and control committees (executive committee, board risk committee, executive risk committee, capital committee). The individual plans are approved by the local bodies and always in coordination with the Group, as these plans must be part of the corporate plan.

During 2016, the Group will continue to introduce improvements in the recovery plans, seeking to adopt developments in this domain which are observed in the market, as well as those necessary to fully adapt the local plans structure to the new European corporate framework, taking into account any restrictions arising from local authorities.

Regarding resolution plans, the authorities which take part in the Crisis Management Group (CMG) have adopted a common approach on the strategy to follow for the Group’s resolution plan that, given the legal and business structure with which Santander operates, corresponds to the so called multiple point of entry (MPE); they have signed the cooperation agreement on resolution (COAG); and have developed the first resolution plans. The corporate plan was analysed in a meeting of the Crisis Management Group held on 3 December. The Group continues to cooperate with the competent authorities in the preparation of resolution plans, providing all the information that the authorities might require.

As a case apart, in the US resolution plans are the responsibility of the banks themselves. The Group has presented the third version of the local resolution plans (one for all of the Group’s activities in the US, in line with the Federal Reserve’s regulations, and the other only covering Santander Bank, as the deposit-taking institution subject to the regulations of the Federal Deposit Insurance Corporation (FDIC).

1. Fundamentally, Directive 2014/59/UE (the ‘European Union Crisis Management Directive’); recovery regulatory implementations by the EBA in force (EBA/RTS/2014/11; EBA/GL/2014/06; EBA/GL/2015/02); EBA technical recommendation to the Commission regarding the identification of core business lines and critical functions (EBA/op/2015/05); EBA regulatory developments pending approval (EBA/CP/2015/01 on ITS resolution item templates); EBA regulatory developments which do not directly concern recovery but with important implications (EBA/GL/2015/03 on early warning triggers); local regulation of Spain: Credit entities and investment service firms recovery and resolution Act 11/2015.

2. FSB Key Attributes of Effective Resolution Regimes for Financial Institutions (15 October 2014, following the update of the first publication in October 2011).

191



B.3.5. Risk Data Aggregation & Risk Reporting Framework (RDA/RRF)

In recent years, the Group has developed and implemented the necessary structural and operating improvements to reinforce and consolidate enterprise wide risk, based on complete, precise and regular data. This allows the Group’s senior management to assess risk and act accordingly.

Against this background, Santander believes that regulatory requirements are aligned with the strategic risk transformation plan, and hence at the current date the Group complies with the standards set forth in the BCBS 239 regulation. The core aim of this project, which was launched in early 2015 and which has been successfully completed in 2015, was to ensure that the risk data reported to senior management will include the basic principles of Risk Data Aggregation (RDA).

Risks reports contain appropriate balance between data, analysis and qualitative comments, include forward-looking measures, risk appetite data, limits and emerging risks, and are distributed in due time and form to the senior management.

In the field of governance, the risk data and information quality committee was set up, and will be responsible for applying measures decided by the board in this area; a common data management methodology was also implemented using the pertinent models, procedures and guidelines.

The Group is equipped with a common reporting taxonomy which covers all the significant risk areas within the organisation, and which is in keeping with the Group’s size, risk profile and activity.

The senior management receives the following reports to ensure adequate risk management and decision making:

• Group risks report

• Risk factor reports:• Credit risk.• Market and structural risks.• Operational risk.• Capital.• Commercialisation compliance.• Regulatory compliance.• Anti-money laundering (AML).• Non-prudential risk (SAC).

• Risk units of each unit

Important technological developments have been implemented, allowing the Group to improve data aggregation capacities in a complete, exact, reliable and traceable way. The data throughout the Group (enterprise wide) is limited to a defined data taxonomy which is registered in a single data dictionary which is accessed by authorised bank risks personnel.

One of Grupo Santander’s commitments is to introduce new technologies to enhance data use, management and analysis. All these questions are addressed in pluri-annual plans adapted to the real situation of the Corporation and the geographies in which we operate.

B.3.6. Control environment

The risk management model has a control environment that guarantees adequate control of all the risks, contributing a comprehensive vision of them. This control is carried out in all the Group’s units and for each type of risk in order to ensure that the Group’s exposures and risk profile are within the mandates established by both the board as well as regulators.

The main functions that ensure effective control are:

1. Clearly assigning responsibilities in risk generating units through decision making and control of their activities.

2. Specialised control of each risk factor.

3. Supervision and aggregated consolidation of all risks.

4. Assessment of control mechanisms.

5. Independent assessment by internal audit.

192


Risk control and management model - Advanced Risk Management > Risk culture - Risk Pro

Our internal culture (The Santander Way) includes a Santander way of managing risks; a Santander risk culture which we call ‘risk pro’, which is one of our main competitive advantages on the market.

Grupo Santander’s robust risk culture is one of the key reasons why it has been able to cope with changes in economic cycles, customers’ new demands, increased competition, and to be considered as an entity which earns the trust of its employees, customers, shareholders and its communities.

Against a background of constant changes, with new types of risks and greater requirements by regulators, Grupo Santander wishes to maintain an excellent level of risk management in order to achieve sustainable growth.

Excellence in risk management is thus one of the strategic priorities that has most shaped the Group’s development. This involves consolidating a strong risk culture in the Group, a risk culture which all Grupo Santander employees are familiar with and which they apply.

This risk culture is defined through five principles which must necessarily form part of all the Group’s employees’ day-to-day activities:

Accountability, because all units and employees (no matter what function they perform) should know of and understand the risks incurred in their daily management and be responsible for identifying, assessing, managing and reporting.

Resilience, which is a combination of prudence and flexibility. All employees have to be prudent and steer clear of any risks they are not familiar with or which are in excess of the established risk appetite. They must also be flexible, because risk management has to quickly adapt to new environments and unexpected scenarios.

Challenge, because ongoing debate is encouraged throughout the Group. We always ask ourselves how to manage risks in a proactive, positive and open way, giving us an overview which allows us to anticipate future challenges.

Simplicity, because universal risk management needs clear processes and decisions which are documented and easily understood by employees and customers.

And, of course, customer focus. All risks actions are focused on the customer, on his or her long term interests. Our aim at Grupo Santander is to be the best retail and commercial bank that earns the lasting loyalty of our people, customers, shareholders and communities. We can achieve this goal by making a proactive contribution to help our customers prosper with excellent risk management.

B.4. Risk culture - Risk ProLong term

customer focusAccountability

Resilience

Challenge

Simplicity

The risk pro risk culture is being reinforced in all Grupo Santander units through three drivers:

• Development of a model for the Advanced Risk Management (ARM) programme. This is a solid and integrated programme which is designed to build towards the future using a forward-looking management and overview of all risks, which also safeguards our present with a strong control environment. For Grupo Santander, advanced risk management is a priority in its long-term objective of continuing to be a solid and sustainable bank.

• In the first phase of ARM, all the Group’s banks have been aligned with regulatory guidelines and have established the milestones for the roll-out of the programme’s initiatives. One of most important points is to have solid corporate governance of the risk function.

• Developing capacities and attitudes to achieve advanced risk management. A far-reaching plan has been set in motion for all Group units and employees to know about the risk culture, clearly understand its implications and for them to think carefully about how to improve their risk management attitudes and behaviour. This plan will continue its deployment in the coming years.

• Setting up and monitoring measures to determine the risk culture status throughout the Group. The Bank is collecting evidence, using systematic monitoring, of the culture initiatives which have been set in motion, to gauge the degree of knowledge of the risk culture and to be able to continuously identify areas for improvement and action plans.

193


Risk control and management model - Advanced Risk Management > Risk culture - Risk Pro

Training activitiesTraining is one of the ways in which the Group builds upon the risk culture. Through the corporate risk school, Santander guarantees that all its risk professionals are trained and developed with uniform criteria. The corporate risk school has now been functional for ten years, since 2005. During these ten years, it has worked side by side with the 10 local schools to enhance Santander’s leadership in this sphere, continuously strengthening the skills of executives and employees.

In 2015, 24,499 hours of training hours were taught by 6.271 Group employees. The corporate risk school trains professionals from other business areas, particularly retail and commercial banking, so as to align the demanding risk management criteria to business goals.

Training hours

2010

26,665

2011

31,028

2012

29,960

2013

26,001

2014 2015

30,029

24,499

2009

21,479

In 2016, the goal is to extend this training to the entire Group, through launching new training activities and with the help of new digital technologies in order to achieve more effective and innovative training.

All the Santander team engaged in risk

It isSantanders Group’s Risk Culture (under the Santander Way: Simple Personal and Fair).

It isthe set of behaviours that each of the employees must develope to proactively manage the risks that affect our daily activities.

It isthe contribution from all of us to the bank’s sustainability and to the development of our future through the contruction of a solid present.

194

Background and upcoming challenges5. Risk management report

2015 ANNUAL REPORT

EXECUTIVE SUMMARYA. PILLARS OF THE RISK FUNCTIONB. RISK CONTROL AND MANAGEMENT MODEL - Advanced Risk ManagementC. BACKGROUND AND UPCOMING CHALLENGESD. RISK PROFILEAPPENDIX: EDTF TRANSPARENCY

C. Background and upcoming challenges

Growth in the global economy slowed in 2015 because the steady resurgence in developed countries, which has been more vigorous in the US and the United Kingdom but also in the Eurozone, was significantly offset by the downturn in emerging markets.

Growth has been lower than was expected at the start of the year. In developed economies, this has been the case due to specific circumstances which dragged on the US economy in early 2015, even though by December this did not stop the FED from implementing a slight rise in interest rates. In the Eurozone, the year saw moderate improvement until Greece’s third bail-out and the point at which the ECB began to apply a more active policy (quantitative earing). Emerging countries have been impacted by the slowdown in China (and the change in China’s growth mix), the fall in commodity prices, geopolitical problems and some measure of decline in financing conditions (lower capital outflows, rise in risk premiums, stock market falls).

Against this background, Banco Santander has a medium-low risk profile, with improved credit quality as evidenced by its core ratios: NPL ratio of 4.36% (- 83 b.p. vs. December 2014), cost of credit 1.25% (-18 b.p. vs. December 2014 ) and a coverage ratio of 73% (+6 p.p higher than in December 2014).

During 2015, the regulatory background has once again been shaped by highly demanding prudential requirements. These are some of the highlights which have happened this year:

• The BCBS’s review of the initial proposals for credit, market and operational risk prudential frameworks.

• Regulatory progress concerning loss absorption mechanisms in the event of resolution situations (MREL and TLAC).

• Publication by the European Banking Authority (EBA) of the results of the transparency exercise, a preliminary step before the stress tests to be held in 2016.

• Entities’ progress in projects designed to address regulatory changes regarding provisions, to come into force from 2018 on according to the IFRS 9 standard [refer to details in Table 1].

Regulatory compliance is a priority for Grupo Santander, and as such the Group constantly keeps track of new regulatory developments. Particularly worthy of note in 2015 were the steps forward taken in developments designed to satisfy the requirements of the Volcker rule (further details in section 3. Market regulations, section D.5.4. Regulatory compliance) and international standards on risk data aggregation (RDA) (further details in section B.3.5. Risk Data Aggregation & Risk Reporting Framework).

From the supervisory standpoint, 2015 marks one year since the coming into force of the Single Supervisory Mechanism (SSM). Supervisory activity by Eurozone banking entities has been conducted through the joint supervisory teams (JST) and through common ongoing supervision which includes the methodology known as the Supervisory Review and Evaluation Procedure (SREP3). This methodology is based on four key areas:

a. Analysis of business model;

b. Assessment of internal governance and global controls;

c. Assessment of capital risks; and

d. Assessment of liquidity risks.

3. According to the document published by the European Banking Authority (EBA): Guidelines on common procedures and methodologies for the supervisory review and evaluation process (SREP)

195


2015 ANNUAL REPORT

Regular supervision based on the SREP methodology is complemented with customised inspections by the supervisor, either jointly by several supervisory entities (in which case it is called a ‘thematic review’), or through individualised analysis of a particular topic within an entity (in situ inspection).

Emerging RisksThe banking sector currently has to face new a plethora of new risk of different nature and sizes. By identifying and monitoring these emerging risks, the Group can adopt a forward-looking approach to risk management, enabling the senior management to deploy action plans to address detected threats and also to adapt the Group’s risk appetite accordingly. The Group uses the Risk Identification and Assessment (RIA) exercise, referred to above, to pinpoint and assess these risks. The most important risks are as follows:

Macroeconomic environment: the main sources of macroeconomic uncertainty which could impact Banco Santander’s business activity in the coming year are as follows:

• The sustained low interest rate environment in Europe.

• The impact which divergent monetary policies could have on the different economies, with potential implications regarding exchange rates and financial stability due to:

• The increase in interest rates in the United States and how quickly the increases are applied (flight to quality).

• Extensions of the quantitative easing programme by the ECB, and

• Monetary expansion in China and Japan.

• Possible liquidity stresses on markets.

• The adjustment in the Chinese economy and its productive model.

• Changes in commodity prices and their impact on both emerging markets and developed economies.

• The decline in Brazil’s economic and fiscal situation

Banco Santander’s business model, based on geographic diversification and a customer-focused bank, leads to more stable results even in periods of macroeconomic uncertainty, ensuring a medium-low profile.

Competitive setting: the financial industry faces the challenge of adapting the way it does business to customers’ new needs. Digital transformation is a key factor for the future of the financial sector. New competitors have sprung up through this transformation: financial start-ups, large technological companies, etc., which are making inroads into different segments of the financial sector, Banco Santander has identified and assessed this risk in its business and so has managed to turn this threat into an opportunity. Innovation and digital transformation are one of the cornerstones of our business model: A number of different initiatives have been launched: investments through Santander InnoVentures in start-ups such as MyCheck, iZettle, Cyanogen, etc., alliances with business schools, progress in use of big date techniques, etc.

Another factor to be considered is that part of financial activity, and thus also its risks, has been shifted towards entities which are subject to less regulation: what is known as shadow banking. Supervision and regulation of this type of banking has to be reinforced in order to safeguard the solvency of the financial system and to allay possible knock-on effects to the rest of the sector, thereby ensuring a competitive environment with a level playing field.

Regulatory environment: the financial crisis is the root cause of the speedy action taken by authorities to implement regulatory proposals in recent years. Entities have had to cope with substantial implementation and compliance costs due to this shifting background and the increasingly more demanding requirements, and as a result ROE has been considerably reduced.

2016 is expected to be an important year in which the Basel Committee on Banking Supervision will complete its tasks aimed at creating a more simple, comparable and risk-sensitive prudential framework. Having already completed the treatment of market risks, we expect to have finished reviewing credit risk, operational risks and IRB models by the end of the year. A hybrid approach - in which internal models can be used, but with limitations - is expected.

In Europe, the final agreement regarding the structural reform proposal (segregation of wholesale and retail activities) is still to be resolved, due to a lack of consensus about the supervisor’s role and the degree of discretionality/automatism in applying this measure. In the area of retail financial services, the European Commission wants to analyse what restrictions are in place that would impede the development of a single common market. In 2016, we also expect to make progress in national transpositions of the Markets in Financial Instruments Directive (MIFID II) and the Payment Accounts Directive.

For the financial industry, it is crucial to have a stable and enduring regulatory framework, allowing banks to make valid mid-term strategies, and to constantly as the global impact of that framework so as to ensure a healthy balance between financial stability and economic growth. The regulatory proposals described above, together with recent proposals for new banking taxes (in the UK and Poland), some of which are still being discussed, such as the European Financial Transaction Tax, are causing further uncertainty.

Geopolitical backdrop: instability in international relationships, which a priori affects the volatility of financial variables and which can affect the real economy, gives rise to geopolitical risk. Evidently, the main sources of instability as we look towards the future are the debate in the UK on whether to remain in the EU (Brexit), the economic cycle in Spain, the Russia-Ukraine crisis, conflicts in the Middle East, the refugee crisis and international terrorism. Yet again, balanced geographical diversification between developed and emerging allays the possible impact of the stresses triggered by this kind of risk.

Lastly, concerning non-financial risks, the number of cybersecurity incidents which affect all sectors, including the financial sector, is steadily on the rise. In view of the importance and possible impact of this type of risk, the Bank continues to apply preventive measures so as to be ready to deal with any kinds of incidents of this nature. These types of measures are outlined in section D.4.4. Mitigation measures of Operational risk.

196


2015 ANNUAL REPORT

Table 1: New financial instruments classification and assessment model (IFRS 9)

1. IntroductionIn July 2014, the International Accounting Standards Board (IASB) approved International Financial Reporting Standard 9 - Financial Instruments (IFRS 9), to replace IAS39 – Financial instruments: recognition and assessment, in accordance with the guidelines which were prepared during the G-20 meeting in April 2009.

IFRS sets out the requirements for recognition and measurement of both financial instruments and certain types of contracts for the sale of non-financial items. It will be applicable from 1 January 2018 on, and will have to be previously approved by the European Union.

2. Model proposed by IFRS 9The main new developments of the standard are as follows:

2.a Classification of financial instrumentsThe criterion for classifying financial assets will depend both on their business management model and the features of the contractual flows. Consequently, the asset will be measured at amortised cost, at fair value with changes in equity, or at fair value with changes in profit/loss for the period. IFRS 9 also establishes the option of designating an instrument at fair value with changes in P/L under certain conditions.

2.b Credit risk impairment modelThe most important new development compared with the current model is that the new accounting standard introduces the concept of expected loss, whereas the current model (IAS 39) is based on incurred loss.

Scope of applicationThe IFRS 9 asset impairment model is applicable to financial assets valued at amortised cost, to debt instruments valued at fair value through other comprehensive income, to leasing receivables, and to contingent risks and commitments not valued at fair value.

Classification of financial instruments by phasesThe financial instruments portfolio for impairment purposes will be divided into three categories, depending on the phase each instrument has with regard to its credit risk:

• Phase 1: a financial instrument is in phase 1 when there has been no significant increase in its risk since it was initially

registered. If applicable, the valuation correction for losses will amount to the possible credit expected losses arising from possible defaults with ta period of 12 months following the reporting date.

• Phase 2: if there has been a significant increase in risk since the date in which the instrument was initially registered, but the impairment has not actually materialised, then the financial instrument will be included in this phase. In this case, the amount of the valuation correction for losses will be the expected losses owing to defaults throughout the residual life of the financial instrument.

• Phase 3: a financial instrument will be included in this phase when it is considered to be effectively impaired. In this case, the amount of the valuation correction for losses will be the expected losses for credit risk throughout the residual life of the financial instrument.

Impairment estimation methodologyIn these three phases of financial instruments, the value correction for losses indicated must be an amount equivalent to the expected loss for default within a period of 12 months following the reporting date, except for those cases in which there has been a significant increase in risk since the initial registration date. In the latter case, the valuation correction will be the same amount of the expected loss for credit events during the rest of the expected life of the financial instrument.

The required methodology for calculating expected loss for credit events will based on an unbiased consideration weighted for the probable occurrence of a range of future scenarios which could affect the receipt of the contractual cash flows, always taking into account the temporary value of money, and all the available and relevant information about past occurrences, current conditions and predictions regarding changes in macroeconomic factors which are proven to be important for the purpose of estimating this amount.

For financial assets, a credit loss is the current value of the difference between the contractual cash flows owed to the entity according to the contract and the cash flows which the entity expects to receive.

197


2015 ANNUAL REPORT

For undrawn loan commitments, a credit loss is the current value of the difference between the contractual cash flows owed to the entity if the holder of the loan commitment draws the loan and the cash flows which the entity expects to receive if the loan is drawn.

Expected loss is measured using the following factors:

• Exposure at Default (EAD): the amount of the transaction exposed to credit risk referring to the period in which the likelihood of the counterparty defaulting is considered. This amount will be estimated in cases in which the transaction repayment schedule may be modified, subject to the standard.

• Probability of Default (PD): is the likelihood that a counterparty will fail to meet its obligation to pay principal or interest. For the purposes of IFRS 9, this will consider both PD-12 months, which is the probability of the financial instrument entering default within the next 12 months, and also lifetime PD, which is the probability of the transaction entering into default between the reporting date and the transaction’s residual maturity date. Future information of relevance is considered to be needed to estimate these parameters, according to the standard.

• Loss Given Default (LGD): this reflects the percentage of exposure that could not be recovered in the event of a default. It depends mainly on the ability to demand additional collateral and the future cash flows that are expected to be recovered. According to the standard, future information will have to be taken into account to estimate it.

• Discount rate: the rate applied to the future cash flows estimated during the expected life of the asset, and which is equal to the net present value of the financial instrument at its carrying value. When calculating the discount rate, expected losses for default when estimating future cash flows are not generally taken into account, except in cases in which the asset is considered to be impaired, in which case the interest rate applied will take into account such losses, and it will be known as the effective interest rate adjusted for credit risk.

Impairment registrationThe main new development as against the current standard concerns assets measured at fair value with changes in other comprehensive income, where the part of the changes in fair value due to expected credit losses in the profit and loss account will be registered in the year in which the change occurs, and the rest will be entered in another comprehensive income.

2.c Accounting of hedgesIFRS 9 includes new hedge accounting requirements which have a twofold objective: to simplify current requirements, and to bring hedge accounting in line with risk management, so allowing there to be a greater variety of derivative financial instruments which may be considered to be hedging instruments.

Furthermore, additional breakdowns are required providing useful information regarding the effect which hedge accounting has on financial statements and also on the entity’s risk management strategy.

3. IFRS 9 implementation strategyThe Group has established a workstream with the aim of adapting its processes to the new classification standards for financial instruments, accounting of hedges and estimating credit risk impairment, so that such processes are applicable in a uniform way for all Group units, and, at the same time, can be adapted to each unit’s individual features.

Accordingly, the Group is working towards defining an objective internal model and analysing all the changes which are needed to adapt accounting classifications and credit risk impairment estimation models in force in each unit to the previous definitions.

In principle, the governance structure currently implemented at both corporate level and in each one of the units, complies with the requirements set out in the new standards.

The Group has set up a regular committee to manage the project governance structure, and a task force which is responsible for its tasks, and also assuring that the pertinent responsible teams take part.

Risks, Financial Accounting & Control and Technology and Operations are the main divisions involved in the project at the highest level, and which are thus represented in the project governance bodies indicated above.

198


2015 ANNUAL REPORT

The project’s main phases and milestones are as follows:

• Analysis / Diagnosis (2015 and first half of 2016): this phase consists mainly of analysing the standards and their impact on the Group’s processes.

• Design and development (2015 and 2016) this phase consists of the definition of functional requirements and transposition of requirements to the technological field, selection and development of necessary systems, identification of necessary data inputs, and construction of the new operational model to comply with regulatory requirements.

• Implementation (2016-2017): this phase consists of the model stabilisation, creation of stable and validated reports and the optimisation of execution times, in order to ensure that the model is effectively implemented.

• Parallel Execution (2017): this phase consists mainly of the transition to the new operational model by testing the model’s effective operation, simulation calculations, and generating comparable information and reporting in parallel with the current model, so as to verify the consistency of the models and the reporting systems, and to help management to understand the assumptions and sensitivities involved.

• Entry in force of standard: 1 January 2018.

4. Guidelines and complementary rulesIn addition to the standards issued by IASB, a number of regulatory and supervisory bodies have issued further considerations both in regard to the impairment model for financial instruments in IFRS 9, and items directly relating to it. These include the following documents and initiatives:

• Basel Committee on Banking Supervision - Guidelines concerning credit risk and accounting of expected credit losses (December 2015, definitive status): using 11 supervision principles and guidelines, the document issued by the Basel Committee on Banking Supervision provides a guide to good credit risk practices associated with the implementation and ongoing application of accounting frameworks for calculation of expected credit losses, and, in particular, for IFRS 9.

• European Banking Authority (EBA) – The EBA 2016 Annual Work Programme (September 2015): establishes a work plan which includes, inter alia: a quantitative and qualitative analysis of IFRS 9 as a result of the technical standards and guidelines which the European Banking Authority will develop to provide advise in accounting and auditing.

• European Banking Authority (EBA) – Draft Guidelines in the application of definition of default under article 178 of EU Regulation no. 575/2013 (September 2015, consultation status): the object of the document is to give the sector guidelines which can be used to harmonise the default definition used in internal models towards those existing for regulatory purposes.

• Enhanced Disclosure Task Force EDTF – Impact of expected loss models in breakdowns of risk (November 2015, definitive status): The EDTF, which the Group has been a member of since it was set up, is a task force made up of financial entities, fund managers, auditors and rating agencies which was promoted by the Financial Stability Board in 2012 with the main object of improving the quality, comparability and transparency in the disclosure of financial reporting. In 2015, the task force has reviewed the original principle and recommendations to include information for a provisions model based on expected credit losses (ECL). The publication of the recommended information is temporarily adapted to the provisional implementation schedule for the new standards, and includes transitional recommendations for the implementation phase, and other permanent recommendations.

199

Risk profile > Credit risk5. Risk management report

2015 ANNUAL REPORT

EXECUTIVE SUMMARYA. PILLARS OF THE RISK FUNCTIONB. RISK CONTROL AND MANAGEMENT MODEL - Advanced Risk Management C. BACKGROUND AND UPCOMING CHALLENGESD. D. RISK PROFILE 1. Credit risk 2. Trading market risk and structural risks 3. Liquidity risk and funding 4. Operational risk 5. Compliance and conduct risk 6. Model risk 7. Strategic risk 8. Capital riskAPPENDIX: EDTF TRANSPARENCY

D. Risk profile

D.1. Credit risk

Organisation of this section

After an introduction to the concept of credit risk and the segmentation that the Group uses for its treatment, the key figures of 2015 and change over time are presented [pag. 200-207].

This is followed by a look at the main geographies, setting out the main features from the credit risk standpoint [pag. 208-215].

The qualitative and quantitative aspects of other credit risk matters are then presented, including information on financial markets, risk concentration, country risk, sovereign risk and environmental risk [pag. 216-224].

Lastly, there is a description of the Group’s credit risk cycle, with a detailed explanation of the various stages that form part of the phases of pre-sale, sale, and post-sale, as well as the main credit risk metrics [pag. 224-229].

D.1.1. Introduction to credit risk treatment

Credit risk arises from the possibility of losses stemming from the failure of clients or counterparties to meet their financial obligations with the Group.

The Group’s risks function is organised on the basis of three types of customers:

• The segment of individuals includes all physical persons, except those with a business activity. This segment, in turn, is divided into sub segments by income levels, which enables risk management adjusted to the type of client.

• The segment of SMEs, companies and institutions includes companies and physical persons with business activity. It also includes public sector activities in general and non-profit making private sector entities.

• The segment of Santander Global Corporate Banking – SGCB – consists of corporate clients, financial institutions and sovereigns, who comprise a closed list revised annually. This list is determined on the basis of a full analysis of the company (business, countries where it operates, types of product used, volume of revenues it represents for the bank, length of relation with the client, etc.).

The following chart shows the distribution of credit risk on the basis of the management model.

Credit risk distribution

Individuals57%

SMEs, companies and institutions

27%

SGCB16%

The Group’s profile is mainly retail, accounting for 84% of total risk generated by the retail banking business.

200


2015 ANNUAL REPORT

Credit risk exposure rose 7.5% in 2015, largely due to the combined impact of the increase in lending in the United Kingdom, the US, Spain and Portugal.

D.1.2. Key figures and change over time

D.1.2.1. Global map of credit risk, 2015The table below sets out the global credit risk exposure map in nominal amounts (except for derivatives and repos exposure which is expressed in credit risk equivalent) for the Group at 31 December 2015.

Gross credit risk exposure classified by legal entityMillion euros. Data at 31 December 2015

Customer loans Loans to entities2 Fixed income33Derivatives and Repos

Drawn1 Undrawn Drawn Undrawn Sovereign Private CRE4 TotalContinental Europe 327,556 77,739 30,890 288 55,387 12,772 24,397 529,030 Spain 208,341 63,381 21,432 125 42,694 7,263 21,836 365,071 Germany 31,488 830 2,396 - - 348 8 35,069 Portugal 32,792 4,591 3,489 104 6,803 3,771 2,073 53,622 Others 54,936 8,938 3,574 59 5,891 1,390 480 75,267 United Kingdom 277,225 48,144 23,625 - 6,153 8,248 18,971 382,366 Latin America 149,039 35,139 24,273 13 25,460 6,108 8,260 248,292 Brazil 69,182 21,316 14,820 12 16,226 4,826 5,291 131,673 Chile 34,836 8,363 1,725 0 1,665 976 1,469 49,034 Mexico 30,566 5,165 3,164 - 6,046 274 1,466 46,681 Others 14,455 297 4,565 - 1,523 32 34 20,905 United States 85,548 33,667 10,151 333 8,685 10,746 478 149,609 Rest of world 596 191 108 - - 1 - 896 Total Group 839,964 194,881 89,048 634 95,685 37,875 52,106 1,310,192 % of total 64.1% 14.9% 6.8% 0.0% 7.3% 2.9% 4.0% 100.0%% change/Dec 14 6.4% 8.0% 15.2% -74.0% 12.2% 13.9% 4.2% 7.5%

Gross credit risk exposure: change over timeMillion euros

2015 2014 2013 Change on 14 Change on 13Continental Europe 529,030 480,551 473,267 10.1% 11.8%Spain 365,071 333,227 327,900 9.6% 11.3%Germany 35,069 32,929 33,481 6.5% 4.7%Portugal 53,622 43,754 41,013 22.6% 30.7%Others 75,267 70,641 70,872 6.5% 6.2%United Kingdom 382,366 349,169 320,571 9.5% 19.3%Latin America 248,292 264,459 241,592 -6.1% 2.8%Brazil 131,673 160,532 141,119 -18.0% -6.7%Chile 49,034 46,084 44,147 6.4% 11.1%Mexico 46,681 43,639 39,066 7.0% 19.5%Others 20,905 14,204 17,260 47.2% 21.1%United States 149,609 123,758 73,945 20.9% 102.3%Rest of world 896 450 265 98.8% 237.8%Total Group 1,310,192 1,218,387 1,109,640 7.5% 18.1%

1. Balances drawn down by customers include contingent liabilities (see the auditor’s report and note 35 to the annual consolidated accounts) and exclude repos (EUR 6,272 million) and other customer credit financial assets (EUR 4,673 million).

2. Balances with credit entities and central banks include contingent liabilities and exclude repos, the trading portfolio and other financial assets.

3. Total fixed income excludes the trading portfolio.

4. CRE (credit risk equivalent): net replacement value plus the maximum potential value. Includes mitigants).

Gross exposure (lending to customers, entities, fixed income, derivative and repos) to credit risk in 2015 amounts to 1,310,192 million euros. The highest proportion, accounting for 86% of the total, is credit to customers and credit entities.

Risk is diversified among the main regions where the Group operates: Continental Europe (41%), United Kingdom (29%), Latin America (19%) and the US (11%).

201


2015 ANNUAL REPORT

and thus helps in the efforts made to bring down the SCF NPL ratio overall in 2015. The new portfolio has a coverage ratio of 110%, similar to SCF. In 2016, an additional EUR 6,000 million is expected to be added in six European countries, continuing the strategy aimed at increasing the scope with similar risk profiles.

Other important transactions were the acquisitions of Retop, which consolidates the consumer finance business in Uruguay, and of Carfinco, allowing the auto finance business in Canada to be included in the scope of Santander Consumer Finance.

In December 2015, Santander Totta bought most of the assets and liabilities of Banco Internacional do Funchal (Banif) were acquired by Santander Totta in Portugal, further increasing market share in that country.

D.1.2.2. Performance of magnitudes in 2015The table below sets out the main items related to credit risk derived from our activity with customers:

Key figures of credit risk arising from activity with customersData at 31 December 2015

Credit risk with customers2

(million euros)Non-performing loans

(million euros)NPL ratio

(%)2015 2014 2013 2015 2014 2013 2015 2014 2013

Continental Europe 321,395 310,008 312,167 23,355 27,526 28,496 7.27 8.88 9.13

Spain 173,032 182,974 189,783 11,293 13,512 14,223 6.53 7.38 7.49Santander Consumer Finance1 76,688 63,654 58,628 2,625 3,067 2,351 3.42 4.82 4.01Portugal 31,922 25,588 26,810 2,380 2,275 2,177 7.46 8.89 8.12Poland 20,951 18,920 18,101 1,319 1,405 1,419 6.30 7.42 7.84United Kingdom 282,182 256,337 235,627 4,292 4,590 4,663 1.52 1.79 1.98Latin America 151,302 161,974 146,956 7,512 7,767 7,342 4.96 4.79 5.00Brazil 72,173 90,572 79,216 4,319 4,572 4,469 5.98 5.05 5.64Mexico 32,463 27,893 24,024 1,096 1,071 878 3.38 3.84 3.66Chile 35,213 33,514 31,645 1,980 1,999 1,872 5.62 5.97 5.91Argentina 6,328 5,703 5,283 73 92 75 1.15 1.61 1.42United States 90,727 76,014 44,372 1,935 1,838 1,151 2.13 2.42 2.60Puerto Rico 3,924 3,871 4,023 273 288 253 6.96 7.45 6.29Santander Bank 54,089 45,817 40,349 627 647 898 1.16 1.41 2.23SC USA 28,280 22,782 — 1,034 903 — 3.66 3.97 —Total Group 850,909 804,084 738,558 37,094 41,709 41,652 4.36 5.19 5.64

Coverage ratio Spec. provs. net of recovered Credit cost (%)

2015 2014write-offs3 (million euros) (% of risk)4

2013 2015 2014 2013 2015 2014 2013Continental Europe 64.2 57.2 57.3 1,975 2,880 3,603 0.68 1.01 1.23Spain 48.1 45.5 44.0 992 1,745 2,411 0.62 1.06 1.38Santander Consumer Finance1 109.1 100.1 105.3 537 544 565 0.77 0.90 0.96Portugal 99.0 51.8 50.0 72 124 192 0.29 0.50 0.73Poland 64.0 60.3 61.8 167 186 167 0.87 1.04 1.01United Kingdom 38.2 41.9 41.6 107 332 580 0.03 0.14 0.24Latin America 79.0 84.5 85.4 4,950 5,119 6,435 3.36 3.70 4.43Brazil 83.7 95.4 95.1 3,297 3,682 4,894 4.50 4.91 6.34Mexico 90.6 86.1 97.5 877 756 801 2.91 2.98 3.47Chile 53.9 52.4 51.1 567 521 597 1.65 1.75 1.92Argentina 194.2 143.3 140.4 148 121 119 2.15 2.54 2.12United States 225.0 193.6 86.6 3,103 2,233 43 3.66 3.31 (0.00)Puerto Rico 48.5 55.6 61.6 85 55 48 2.12 1.43 1.13Santander Bank 114.5 109.4 93.6 64 26 (5) 0.13 0.06 (0.01)SC USA 337.1 296.2 — 2,954 2,152 — 10.97 10.76 —Total Group 73.1 67.2 61.7 10,108 10,562 10,863 1.25 1.43 1.53

1. SCF includes PSA in the 2015 figures. 2. Includes gross lending to customers, guarantees and documentary credits. 3. Recovered Written-Off Assets (EUR 1,375 million). 4. Cost of credit = loan-loss provisions twelve months / average lending.NB: 2014 data have been reformulated due to the transfer of Banco Santander International units and the New York branch to the US.

Changes in scopeIn 2015, there were a number of different changes in the Group’s scope of gross credit exposure. The main programmes were:

Santander Consumer FinanceAgreement with PSA (50/50% Joint Venture between Banque PSA Finance and Santander Consumer Finance), in the consumer finance business. The main goal of this alliance is to finance vehicle acquisitions of the Peugeot, Citroën and DS brands by end customers, and second-hand vehicle transactions in auto dealers of these three brands. This agreement adds approximately EUR 15,000 million of exposure in 2015.

Through this alliance, SCF has been able to strengthen its position on the market, stepping up its presence in countries where it already has exposure such as Spain, the United Kingdom and Portugal, and moving into new markets such as France and Switzerland, in so doing increasing its scope in 2015.

The new portfolio has an NPL ratio of approximately 2.4% at year end,

202


2015 ANNUAL REPORT

At the end of 2015, credit risk with customers was 6% higher. Growth in local currency is across the board except for Spain (although customer lending in isolation actually increased slightly). The lower lending in Brazil in euros is due to the BRL’s depreciation over the course of the year.

These levels of lending, together with lower non-performing loans (NPLs) of EUR 37,094 million (-11% vs. 2014) reduced the Group’s NPL ratio to 4.36% (-83 b.p. against 2014).

For coverage of these NPLs, the Group recorded net credit losses of EUR 10,108 million (-4% vs. 2014), after deducting write-off recoveries. This fall is materialised in a fall in the cost of credit to 1.25% (18 b.p. less than in 2014).

Total loan-loss provisions were EUR 27,121 million, bringing the Group’s coverage ratio to 73%. It is important to bear in mind that this ratio is affected downwards by the weight of mortgage portfolios (particularly in the United Kingdom and Spain), which require fewer provisions as they have collateral.

Conciliation of the main magnitudesThe consolidated financial report details the portfolio of customer loans, both gross and net of funds. Credit risk also includes off-balance sheet risk and derivatives. The following chart shows the relation between the concepts that comprise these magnitudes.

Figures in million euros

CREDIT RISK WITH CUSTOMERS

‘CREDIT RISK’ SECTION

BALANCE OF THE CHAPTER ‘CONSOLIDATED FINANCIAL REPORT’

LENDING (CUSTOMER CREDIT)

CUSTOMER LOANS (GROSS)

CREDIT TO CUSTOMERS (NET)

850.909*

812,833

817,365

790,848

Outstanding839,964**

Credit796,991

Funds(26,517)

Trading portfolio

6,081

6,081

Asset: Lending: credit to customers

770,474

Reasonable value

14,293

14,293

Breakdown 1

Breakdown 2

Repos, other fin. assets and derivatives

10,945 * ‘Main magnitudes’ table

** ‘Gross exposure to credit risk’ table

Contingent liability38,076

Others4,532

Lending (customer credit)812,833

203


2015 ANNUAL REPORT

Geographic distribution and segmentationOn the basis of the aforementioned segmentation, the geographic distribution and situation of the portfolio is shown in the following charts:

813,815 Million euros Total 762,375

Other20%

Spain20% 696,906

Normal

NPLs

TotalUS

Brazil8%

11% 850,909Chile

4%

Portugal UK33%

37,094 41,709 41,652

4%Dec 15 2014 2013

Individuals 472,807

Other17%

Spain14%

436,612393,822

BrazilNormal

5% NPLs US

9%Total

489,011Chile4%

Portugal5% UK

46%16,204 17,482 16,688

Dec 15 2014 2013

SME+Comp+Inst 211,612199,657

Other25%

Spain24%

187,510

Normal

NPLs

Total

228,749Brazil9%

US14%

17,137 20,869 22,058

Chile5%

PortugalUK19% Dec 15 2014 2013

4% SGCB

Other20% Spain

35%129,397

126,107115,574

Normal

NPLs

US Total10%

133,149Chile

3%Portugal

2%

UK12%

Brazil18%

3,752

Dec 15

3,357

2014

2,906

2013

204


2015 ANNUAL REPORT

The structure of the main magnitudes by geographic area:

• Continental Europe

• In Spain4, the NPL ratio amounted to 6.53% (-85 b.p. vs. 2014), despite the reduction in the denominator and due to the favourable evolution of NPLs, mainly at companies. The coverage ratio rose to 48% (+3 p.p. in the year).

• Portugal closed the year with a fall in the NPL ratio to 7.46%, (-143 b.p. in 2015), and an increase in the coverage ratio to 99% (+47 p.p. during the year). This performance is due to the lower with PNL in most segments and the addition of Banif.

• In Poland the downturn in the NPL ratio continued to 6.3% (-112 b.p. vs. 2014). The coverage ratio rose to 64%.

• Santander Consumer’s NPL ratio, after the increase in the perimeter, was 3.42% (-140 b.p. in 2015), with a good general performance of portfolios in all countries. The coverage ratio increased to 109%.

• The United Kingdom5 reduced its NPL ratio to 1.52% (-27 b.p.), due to the good performance in all segments, particularly retail and especially the mortgage portfolio. The coverage ratio was 38%.

• Brazil6, against an adverse macroeconomic background, the NPL ratio was contained to 5.98% (+93 b.p. in the year) using proactive risk management. The coverage ratio was 84%.

• Chile has reduced its NPL ratio to 5.62 % (-35 b.p. in the year), thanks to the good performance in non-performance loans across most segments. The coverage ratio was 54%.

• In Mexico the NPL ratio was down to 3.38% (-46 b.p. in the year), with increase in credit risk much higher than growth in the NPL portfolio. The coverage ratio was 91%.

• The United States’ NPL ratio declined to 2.13% (-29 b.p.) and the coverage ratio rose to 225% (+31 p.p. since 2014).

• The NPL ratio at Santander Bank was 1.16% (-25 b.p.), as a result of the good performance of the portfolios, while the coverage ratio was higher at 115%.

• In SCUSA, the high rotation of the portfolio and the unit’s active credit management brought the NPL ratio to 3.66% and the coverage ratio increased to 337%.

• Puerto Rico’s NPL ratio fell to 6.96% and the coverage ratio dropped to 49%.

Portfolio with normal status: amounts past dueThe amounts past due of three months or less represented 0.30% of total credit risk with customers. The following table shows the structure at 31 December 2015, classified on the basis of the age of the first maturity:

Matured amounts pendingMillion euros

Less than 1

month1-2

months2-3

months

Deposits in credit entities 5 - -

Customer loans 1,654 553 407

Public administrations 4 0 0

Other private sectors 1,650 553 407

Securities representing debt - - -

Total 1,659 553 407

Doubtful portfolio and provisions: change over time and mixDoubtful assets are divided into:

• Assets classified as doubtful due to counterparty arrears:Debt instruments, no matter what their holder or collateral might be, which have an amount in arrears for over 90 days, are allocated provisions in an individualised way, taking into account how long the unpaid amounts are outstanding, the collaterals offered and the economic situation of the counterparty and the guarantors.

• Assets classified as doubtful for reasons other than counterparty arrears:Debt instruments which cannot be classified as doubtful due to arrears but for which there are reasonable doubts as to the borrower’s ability to pay in accordance with the contractual terms are assessed individually, and an allowance is recognised equal to the difference between the carrying amount of the assets and the present value of their estimated future cash flows.

The table below shows the change over time in doubtful loans by constituent items:

Change over time in doubtful loans by constituent itemMillion euros. Data at 31 December 2015

NPLs 2014 Net entries

Perimeter & exchange rate

Write-offs NPLs 2015

(12,361)

7,705

37,08441,709

41

4. Does not include real estate activity. Further details in section D.1.3.2. Spain.

5. Further details in section D.1.3.1. United Kingdom.

6. Further details in section D.1.3.3. Brazil.

205


2015 ANNUAL REPORT

2013-2015 EvolutionMillion euros

2013 2014 2015

NPLs (start of he period) 36,061 41,652 41,709

Entries 17,596 9,652 7,705

Perimeter 743 497 106

Exchange rate and other (2,122) 1,734 (65)

Write-offs (10,626) (11,827) (12,361)

NPLs (end of period) 41,652 41,709 37,094

Change over time in loan loss provisions, according to constituent itemMillion euros. Data at 31 December de 2015

Funds 2014

Gross pro-vision for impaired

assets and loan losses

Provision for other

assets

Exchange rate and

other

Write offs Funds 2015

From impaired assets 19,786

From impaired assets 17,707

From other assets 8,260

From other assets 9,414

81410,670 (12,361)

28,04627,121

(48)

Performance 2013-2015Million euros

2013 2014 2015

Funds (start of period) 26,111 25,681 28,046

From impaired assets 19,431 19,118 19,786

From other assets 6,681 6,563 8,260

Gross provision for impaired assets and loan losses 11,881 11,766 10,670

Allocation 11,686 11,766 10,670

Writedowns 195 - -

Provision for other assets 242 156 814

Exchange rate and other (1,928) 2,271 (48)

Write-offs (10,626) (11,827) (12,361)

Funds (end of period) 25,681 28,046 27,121

Forbearance portfolioThe term forbearance portfolio refers for the purposes of the Group’s risk management to operations in which the customer has shown, or is expected to show, financial difficulties which could have a material impact on its payment obligations in the prevailing contractual terms and, for this reason, steps have been taken to modify, cancel or even formalise a new transaction.

Grupo Santander has a detailed corporate policy for forbearance which acts as a reference in the various local transpositions of all the financial institutions that form part of the Group, and share the general principles established in Bank of Spain circular 6/2012 and the technical criteria published in 2014 by the European Banking Authority, developing them in a more granular way on the basis of the level of deterioration of clients.

This corporate policy sets rigorous criteria of prudence for assessing these risks:

• There must be restrictive use of restructuring, avoiding actions that delay recognising deterioration.

• The main aim must be to recover all the amounts owed, which entails recognising as soon as possible the amounts that it is estimated cannot be recovered.

• The restructuring must always envisage maintaining the existing guarantees and, if possible, improving them. Effective guarantees not only serve to mitigate the severity, but also can reduce the probability of default.

• This practice must not involve granting additional financing to the client, serve to refinance the debt of other banks, or be used as an instrument of cross-selling.

• It is necessary to assess all the forbearance alternatives and their effects, ensuring that the results would be better than those likely to be achieved in the event of not doing it.

• More severe criteria are applied for the classification of forbearance operations which prudently ensure the re-establishment of the client’s payment capacity from the moment of forbearance and for an adequate period of time.

• In addition, in the case of clients assigned a risk analyst, individualised analysis of each case is particularly important, both for their correct identification as well as subsequent classification, monitoring and adequate provisions.

The policy also establishes various criteria related to determining the perimeter of operations considered as forbearance, through defining a detailed series of objective indicators to help identify financial distress situations which could have a material impact on the customer’s meeting of its payment obligations.

In this way, operations not classified as doubtful at the date of forbearance are generally considered as being in financial difficulties if at this date non-payment exceeds a month. If there is no non-payment or if this does not exceed the month of maturity, other indicators to be assessed are taken into account including:

• Operations of clients who already have problems with other transactions.

• When the modification is made necessary prematurely, without there yet existing a previous and satisfactory experience with the client.

206


2015 ANNUAL REPORT

• In the event that the necessary modifications involve granting special conditions such as the need to have to establish a temporary grace period in the payment or, when these new conditions are regarded as more favourable for the client than those granted in an ordinary admission.

• Request for successive modifications over an unreasonable period of time.

• In any case, once the modification is made, if any irregularity arises in the payment during an established period of observation, even if there are no other symptoms, the operation will be considered within the perimeter of forbearance (backtesting).

As soon as it is determined that the reasons giving rise to the modification are due to financial difficulties, two types of forbearance are distinguished for management purposes on the basis of the management situation of these operations in origin: ex ante forbearance when the original operation is considered a doubtful risk and ex post forbearance when arising from a doubtful situation.

In addition, within ex post forbearance treatments applicable for cases of advanced deterioration are distinguished, whose requirements and classification criteria are even more severe than for the rest of forbearance.

Once the forbearance is done, those operations that remain classified as doubtful risk for not meeting at the time of forbearance the requirements for their reclassification to another category, must fulfil a schedule of prudent payments in order to ensure with reasonable certainty that the client has recovered his payment capacity.

If there is any irregularity (non-technical) in payments during this period, the observation period is begun again.

Once this period is over, conditioned by the customer’s situation and by the operation’s features (maturity and guarantees granted), the operation is no longer considered doubtful, although it remains subject to a test period with special monitoring.

This tracking is maintained as long as a series of requirements are not met, including: a minimum period of observation, amortisation of a substantial percentage of the amounts pending and having met the unpaid amounts at the time of forbearance.

The forbearance of a doubtful operation, regardless of whether, as a result of it, the transaction remains current in payment, the original non-payment dates are considered for all purpose, including the determination of provisions.

Total forbearance volume at 31 December 2015 amounts to 55,362 million euros, with the following details7:

Forbearance volumeMillion euros

Non-doubtful Doubtful Total risk

Amount Amount Amount % spec. cov.

Total forebearance 34,189 21,173 55,362 20%

The Group’s forbearance volume fell 2.4% (- EUR 1,341 million), continuing the downturn begun in 2013 (-14.1% total fall over the last three years, considering an unchanged scope). Its proportion as part of the total credit risk with Group customers has also diminished (currently 6.5% vs. 7% in the previous year).

The credit quality of the portfolio has improved, with 62% in non-doubtful status (58% in 2014). Of note is the high level of guarantees (77% with real guarantees) and adequate coverage through specific provisions (20% of the total forbearance portfolio and 52% of the doubtful portfolio).

Management metrics8 Credit risk management uses other metrics to those already commented on, particularly management of non-performing loans variation plus net write-offs (known in Spanish as VMG) and expected loss. Both enable risk managers to form a complete idea of the portfolio’s evolution and future prospects.

Unlike non-performing loans, the VMG refers to the total portfolio deteriorated over a period of time, regardless of the situation in which it finds itself (doubtful loans and write-offs). This makes the metric a main driver when it comes to establishing measures to manage the portfolio.

7. Non-doubtful portfolio figures include the portfolio classified as normal and substandard in Circular 4/2004 of the Bank of Spain. For more detail on the real estate portfolio consult note 54 of the auditor’s report and the annual financial statements.

8. For further details of these metrics refer to section D.1.5.6. Measurement and control in this same chapter.

207


2015 ANNUAL REPORT

The VMG is frequently considered in relation to the average loan that generated them, giving rise to what is known as the risk premium, whose change over time can be seen below.

Risk premium (VMG/average balances)%. Data with constant exchange rate

Group Brazil UK Spain

2013 2014 2015

0.16

3.51

0.28

-0.49

5.23

4.31

4.88

2.35

1.07 0.80

0.01

-0.04

The table below sets out the distribution by segments in terms of EAD, PD and LGD. For example, it can be seen how the consideration of the LGD in the metrics makes the portfolios with mortgage guarantee generally produce a lower expected loss, fruit of the recovery that occurs in the event of a default via the mortgaged property.

The expected loss with clients of the portfolio in normal situation is 1.00% (virtually unchanged vs. 2014 in which it was 1.01%) and 0.79% for the whole of the Group’s credit exposure (0.82% in 2014), maintaining the medium-low risk profile.

In 2015, the downturn in the Group’s risk premium continued, despite the increase in Brazil.

Unlike the loss incurred, used by the Group to estimate loan-loss provisions, the expected loss is the estimate of the economic loss which will occur during the following year in the existing portfolio at a given moment. Its forward-looking component complements the view provided by the VMG when analysing the portfolio and its evolution.

The expected loss reflects the portfolio’s features as regards the exposure at default (EaD), the probability of default (PD) and the severity or recovery once the default occurs (loss given default, LGD).

Credit risk exposure: segmentation

Segment EAD1 % Average PD Average LGD Expected loss

Sovereign debt 180,192 15.9% 0.13% 18.67% 0.02%

Banks and other fin. instit. 71,704 6.3% 0.29% 38.49% 0.11%

Public sector 3,794 0.3% 1.66% 21.25% 0.35%

Corporate 160,498 14.2% 0.65% 31.46% 0.21%

SMEs 161,934 14.3% 2.77% 40.12% 1.11%

Individual mortgages 343,213 30.4% 2.56% 7.38% 0.19%

Consumer credit (individuals) 145,001 12.8% 6.89% 48.13% 3.32%

Credit cards (individuals) 46,229 4.1% 3.25% 64.54% 2.10%

Other assets 17,209 1.5% 2.48% 41.30% 1.03%

Memorandum item2 860,669 76.2% 3.01% 33.11% 1.00%

Total 1,129,773 100.0% 2.37% 33.15% 0.79%

Data at December 2015.

1. Excludes doubtful loans.

2. Excludes sovereign debt, banks and other financial institutions and other assets.

208


2015 ANNUAL REPORT

D.1.3. Details of main geographies

The portfolios of the geographies where Grupo Santander has the highest risk concentrations are set out below, based on the data in sections D.1.2.2 Performance in magnitudes in 2015.

D.1.3.1. United Kingdom

D.1.3.1.1. Overview of the portfolioCredit risk with customers in the United Kingdom amounts to EUR 282,182 million at the close of December 2015, accounting for 33% of the Group total.

The Santander UK portfolio is divided into the following segments:

Portfolio segmentation%

Individual mortgages85%

Other individual borrowers

3%SMEs and

companies12%

D.1.3.1.2. Mortgage portfolio Because of its importance not just for Santander UK but for all of the Group’s outstanding, it is worth highlighting the mortgage portfolio, which stood at EUR 207,309 million at the end of Deember 2015.

This portfolio consists of mortgages for acquisition or reforming homes, granted to new as well as existing clients and always constituting the first mortgage. There are no operations that entail second or successive charges on mortgaged properties.

The mortgaged property must always be located within United Kingdom territory, regardless of the destiny of the financing except in the case of some one-off operations in the Isle of Man. Mortgages can be granted for properties outside the United Kingdom, but the collateral for such mortgages must consists of a property in the United Kingdom.

Most of the credit exposure is in the south east of the United Kingdom, and particularly in the metropolitan area of London, where housing prices have risen over the last year.

Geographic concentration%

52%

5%

3%

8%3% 8% 3% 4%

5%3%

1%

5%

Scotland South East Inc London Yorks And Humber North North West Wales South West East Anglia East Midlands West Midlands Northern Ireland Other

All the properties are valued independently before each new operation is approved, in accordance with the Group’s risk management principles.

Mortgages that have already been granted are subject to a quarterly updating of the value of the property in guarantee, by an independent agency, using an automatic valuation system in accordance with the market’s usual practices and in compliance with prevailing legislation.

The distribution of the portfolio by type of borrowers is shown in the chart below:

First-time buyers1 Home movers2 Re-mortgagers3 Buy to let4

Stock New Business

19%

43%

35%

7,119 3,255

71,540 9,291

88,610 15,571

40,050 6,111

207,319 34,2283%

18%

45%

27%

10%

Mortgage portfolio loan typesMillion euros

1. First-Time Buyers: customers who purchase a home for the first time.

2. Home Movers: customers who change houses, with or without changing the bank granting the loan.

3. Re-mortgages: customers who switch the mortgage from another financial entity.

4. Buy to Let: houses bought for renting out.

There are many different types of products with different risk profiles, all of them subject to the limits inherent in the policies of a prime lender such as Santander UK. The features of some of them (in brackets the percentage of the portfolio of United Kingdom mortgages they represent):

209


2015 ANNUAL REPORT

• Interest only loans (38.8%)9: the customer pays every month the interest and amortises the capital at maturity. An appropriate repayment vehicle such as a pension plan, mutual funds, etc is needed. This is a regular product in the United Kingdom market for which Santander UK applies restrictive policies in order to mitigate the risks inherent in it. For example, maximum LTV of 50%, higher cut-off in the admission score or the evaluation of the payment capacity simulating the amortization of capital and interest payments instead of just interest.

• Flexible loans (12.9%): This type of loan contractually enables the customer to modify the monthly payments or make additional provision of funds up to a pre-established limit, as well as having disbursements from previously paid amounts above that limit.

• Buy to Let (3.4%): Buy to let mortgages (purchase of a property to then rent it out) account for a small percentage of the total portfolio. Admission was halted between 2009 and 2013 when it was reactivated following the improvement in market conditions and approval with strict rick policies. In 2015, these mortgages represented around 10% of the total admission.

The evolution of the mortgage portfolio over the last three years is shown below:

Mortgage portfolio: change over timeMillion euros

2013 2014 Dec 15

7.4%*

177,617193,048

207,319200,000

150,000

100,000

50,000

0

* Real growth, discounting exchange rate effect, is 2%.

There was slight growth of 2.0% (discounting the exchange rate impact) at December 2015, accompanied by a favourable environment for the property market with rising prices.

In 2015, as can be seen in the chart below, the NPL ratio dropped from 1.64% in 2014 to 1.44% at December 2015, slightly above that of the United Kingdom banking industry as a whole, according to the Council of Mortgage Lenders (CML).

Mortgage portfolio NPL ratio: change over time

Dec 14 Mar 15

Santander UK1 CML2

Jun 15 Sep 15 Dec 15

1.33%1.30%

1.26%1.23%

1.46% 1.44%

1.54%1.62%1.64%

1. Santander UK data according to amount of cases.

2 CML data according to volume of cases.

The decline in the NPL ratio was sustained by the evolution of non- performing loans, which improved significantly thanks to a more favourable economic environment, as well as the increased NPL exits due to the improvements in the efficiency of the recovery teams. The amount of non-performing loans thus dropped by 10.2%, following the trend seen in 2014.

It is also necessary to point out the more conservative focus adopted in Santander UK’s definition of a NPL, in line with the criteria set by the Bank of Spain and Grupo Santander, with regard to the standard applied in the United Kingdom market. This focus includes the classification as doubtful of the following operations:

• Customers with payment delays of between 30 and 90 days and who have been declared publicly insolvent (via bankruptcy process) in the previous two years.

• Operations in which once the maturity date is reached there is still capital of the loan pending payment with a maturity of more than 90 days, although the client remains up to date with the monthly payments.

• Forbearance operations which, in accordance with the corporate policy, are considered as ‘payment agreements’ and thus classified as doubtful.

Excluding these concepts, which are not included for calculating the NPL ratio in the United Kingdom market, and under which EUR 445 million were classified as NPLs at the end of 2015, the ratio of the mortgage portfolio was 1.22%, well below the aforementioned 1.44% and close to that published by the Council of Mortgage Lenders.

The strict credit policies limit the maximum loan-to-value (LTV) to 90% for those loans that amortise interest payments and capital, and to 50% for those that amortize interest regularly and the capital at maturity. These policies were applied, bringing the simple arithmetic average LTV of the portfolio to 45.3% and the average weighted LTV to 41.1%. The proportion of the portfolio with a LTV of more than 100% was reduced to 1.7% from 2.4% in 2014.

9. Percentage calculated for loans with the total or an interest only component.

210


2015 ANNUAL REPORT

The following charts show the LTV structure for the stock of residential mortgages and the distribution in terms of the income multiple of new loans in 2015:

< 75% < = 2.5 75-90% > 2.5-3 > 90% > 3.0

4.3%82.6% 17.5%

12.0%

70.5%

13.1%

Income multiple (average 3.1)2

Loan to value (average 45.3%)1

1. Loan to value: relation between the amount of the loan and the appraised value of the property. Based on indicess.

2. Income multiple: Income multiple: relation between the total original amount of the mortgage and the customer’s annual gross income declared in the loan request.

Credit risk policies currently used explicitly forbid loans regarded as high risk (subprime mortgages) and establish demanding requirements for credit quality, both for operations and for clients. For example, as of 2009 mortgages with a loan-to-value of more than 100% have not been allowed.

An additional indicator of the portfolio’s good performance is the reduced volume of foreclosed properties, which in December 2015 amounted to EUR 62 million, less than 0.03% of the total mortgage exposure. Efficient management of these cases and the existence of a dynamic market for this type of housing enables sales to take place in a short period of time (around 18 weeks on average), contributing to the good results.

D.1.3.1.3. SMEs and companiesAs shown in the chart on the segmentation of the portfolio at the beginning of this section, lending to SMEs and Companies (EUR 52,576 million) represented 12% of the total at Santander UK.

The following sub-segments are included in these portfolios:

SME and companies portfolio: segments

SMEs38.1%

Social housing

19.7%

SGCB24.9%

Companies17.3%

SMEs: this segment includes those small firms belonging to the business lines of small business banking and regional business centres. Total lending at December 2014 was EUR 20,036 million, with a NPL ratio of 3.8% (4.2% at the start of the year).

Companies: This includes companies who have a risk analyst assigned. It also includes portfolios considered as not strategic (legacy and non-core). Total lending at December was EUR 9,119 million, with a NPL ratio of 2% (2.2% at the start of the year).

SGCB: includes companies under the Santander Global Corporate Banking risk management model. Lending at December amounts to EUR 13,072 mn with an NPL ratio of 0.001%.

Social housing: this includes lending to companies that build, sell and rent social housing. This segment is supported by local governments and the central government and has no NPLs. Outstanding stood at EUR 10,349 million at the end of December.

In line with the objective of becoming the reference bank for SMEs and companies, the most representative portfolios of this segment had grown by around 3.6% at December 2015 in net terms.

D.1.3.2. Spain

D.1.3.2.1. Overview of the portfolioTotal credit risk (including guarantees and documentary credits) in Spain (excluding the real estate unit, commented on later) amounted to EUR 173,032 million (20% of the Group), with an adequate level of diversification by both product and customer segment.

Growth in new lending in main individual and business segment portfolios was consolidated in 2015, underpinned by the improved economic situation and the various strategies implemented by the Bank. In annual terms, total credit risk dropped 5% due mainly to lower lending to public authorities and the pace of repayment still being much higher than the growth of new lending in the other segments.

Credit risk by segmentMillion euros

2015 2014 2013Var

15/14Var

14/13

Total credit risk* 173,032 182,974 189,783 -5% -4%Home mortgages 47,924 49,894 52,016 -4% -4%Rest of loans to individuals 16,729 17,072 17,445 -2% -2%Companies 92,789 96,884 106,042 -4% -9%Public administrations 15,590 19,124 13,996 -18% 37%

* Including guarantees and documentary credits.

211


2015 ANNUAL REPORT

The NPL ratio for the total portfolio was 6.53%, 85 b.p less than in 2014. The fall in lending (which increased the NPL ratio by 42 b.p.) was offset by the better NPL figure (which reduced the ratio by 127 b.p.). This improvement was mainly due to the gross NPL entries, 22% lower than 2014, and, to a lower degree, to the normalisation of several restructured positions and portfolio sales.

The coverage ratio rose 3 p.p. to levels of 48%, continuing with the increase reported in 2014.

NPL ratio and coverage ratio

2012 2013

NPL ratio Coverage ratio

2014 2015

50%

3.84%

7.49% 7.38%

44% 45%48%

6.53%

Below are the main portfolios.

D.1.3.2.2. Home mortgagesLending to households to acquire a home in Spain amounted to EUR 48,404 million at the end of 2015 (28% of total credit). 99% of those homes have a mortgage guarantee.

Lending to households to acquire homes*Million euros

2015 2014 2013

Gross amount 48,404 50,388 52,879

Without mortgage guarantee 480 493 863

With mortgage guarantee 47,924 49,894 52,016

Of which doubtful 2,477 2,964 3,956

Without mortgage guarantee 40 61 461

With mortgage guarantee 2,437 2,903 3,495

* Not including the Santander Consumer España mortgage portfolio (EUR 2,382 million in 2015, with EUR 90 million of doubtful loans).

The NPL ratio of mortgages to households to acquire a home was 5.09%, 73 b.p.less than in 2014, supported by steadily falling gross NPL entries.

NPL ratio of mortgages for homes in Spain

2013 2014 2015

5.82%

6.72%

5.09%

The portfolio of mortgages for homes in Spain kept its medium-low profile and with limited expectations of a further deterioration:

• All mortgages pay principle right from the start.

• Early amortization is usual and so the average life of the operation is well below that in the contract.

• The borrower responds with all his assets and not just the home.

• High quality of collateral concentrated almost exclusively in financing the first home.

• The average affordability rate was maintained at 28%.

• Some 69% of the portfolio has a loan-to-value of less than 80% (total risk/latest available valuation of the home).

TE< 30%

30% < TE< 40%

TE> 40%

LTV< 40%

LTV between 40% and 60%



LTV> 100%

Affordability ratio % Average 28.4%

Loan to value %

21.4%

12%

19%

26%

22%

21%53.4%

25.2%

Loan to value: percentage indicating the total risk/latest available valuation of the home.

Affordability ratio: relation between the annual instalments and the customer’s net income.

212


2015 ANNUAL REPORT

In 2015, the vintages performance remained strong, underpinned by the quality measures deployed in 2008 since 2008 and also a shift in demand towards better profiles, which is shown in falling NPL entries.

7.0%

6.0%

5.0%

4.0%

3.0%

2.0%

1.0%

0.0%0 5 10 15 20 25 30 35 40 45 50 55 60 65 70 75 80 85 90 95 100

NPL

rat

e

Months

Maturity of vintages

20086.31%

20101.17%

20091.71%

20111.62%

20140.10%2015

0.01%20120.78%

20130.29%

D.1.3.2.3. Companies portfolioCredit risk assumed directly with SMEs and companies (EUR 92,889 million) is the main segment in lending in Spain (54% of the total).

Most of the portfolio (94%) corresponds to clients who have been assigned a analyst who monitors the borrower continuously throughout the risk cycle. In 2014, as part of the Santander Advanced project, the criteria of clients with an individual analyst was changed and the number of clients with continuous monitoring increased.

It is a highly diversified portfolio, with over 191,290 active customers and without significant concentrations in any one particular business segment.

Real estate activities7.8%

Manufacturing industry17.7%

Financial and insurance activities

8.4%

Professional activities, sc

ientific, technical7.2%

Supply of energy, electricity, gas, water9.8%

Information and communications

4.6%

Administrative activities

2.5%Agriculture, cattle,

forestry, fisheries2.2%

Transport and storage

5.5%

Hotel trade4.3%

Mining industries1.3%

Other social services1.1%

Construction11.6%

Other 2.0%

Commerce and repairs14.1%

Companies portfolio distribution

The NPL ratio of this portfolio was 7,64%, 127 b.p. lower than 2014, with gross entries in default 30% lower than the previous year.

D.1.3.2.4. Property activity in SpainThe Group manages, in a separate unit, run-off real estate activity in Spain10, which includes loans to clients mainly for real estate promotion, and has a specialised management model, stakes in real estate companies11 and foreclosed assets.

The Group’s strategy in the last few years has been to reduce the volume of these loans which at the end of 2015 stood at EUR 6,991 million in net terms (around 2% of loans in Spain and less than 1% of the Group’s loans). The portfolio’s composition is as follows:

• Net loans are EUR 2,596 million, EUR 1,191 million less than in December 2014 and with a coverage of 56%.

• Net foreclosed assets at year end were EUR 3,707 million, with coverage of 55%.

• The value of the stakes in real estate companies was EUR 688 million.

The gross exposure in loans and foreclosures continued the downward trend of previous years and fell 59% between 2008 and 2015.

10. For more detail on the real estate portfolio see note 54 of the Audit Report and the Annual Financial Statements.

11. As of December 2014, the stake in Metrovacesa was consolidated by global integration.

213


2015 ANNUAL REPORT

The changes over time and the classification of the credit and foreclosed assets portfolios are shown in the table below:

Credits and foreclosed assets portfolioMillion euros

2015 2014

Gro

ss

bala

nce

%

cove

rage

Net

ba

lanc

e

Gro

ss

bala

nce

%

cove

rage

Net

ba

lanc

e

1. Credit 5,959 56% 2,596 8,276 54% 3,787

a. Normal 48 0% 48 102 0% 102

b. Substandard 387 30% 270 1,209 35% 784

c. Doubtful 5,524 59% 2,278 6,965 58% 2,901

2. Foreclosed 8,253 55% 3,707 7,904 55% 3,533

TOTAL 1+2 14,212 56% 6,303 16,180 55% 7,320

Under the perimeter of management of the real estate unit, net exposure was reduced by 14% in 2015.

2014 2015

3,787

2,596

3,707

6,303

7,320

3,533

-1,191

174

-1,017

Foreclosed properties Credit

Change in net exposure over time

By type of real estate that guarantees the loans and foreclosed assets, the coverage levels are as follows:

Coverage by guarantee typeMillion euros

Real estate loans

Foreclosed assets Total

Cove-Exposure rage

Cove-Exposure rage Exposure

Cove-rage

Completed buildings 2,735 43% 2,292 46% 5,027 44%

Promotions under construction 137 43% 832 49% 969 48%

Land 2,302 67% 5,081 60% 7,383 62%

Other guarantees 785 75% 48 60% 833 74%

TOTAL 5,959 56% 8,253 55% 14,212 56%

D.1.3.3. BrazilCredit risk in Brazil amounts to EUR 72,173 million, down 20.3% against 2014 and largely due to the depreciation of the Brazilian currency. Santander Brasil thus accounts for 8.5% of all Grupo Santander’s lending. It is adequately diversified and with a mainly retail profile (46.4% to individuals, consumer finance and SMEs).

* Santander Financiamentos: unit specialised in consumer finance (mainly auto finance).

Portfolio mix%

Others1.8%

SGCB33.9%

Companies16.6%

SMEs11.7%

Santander Finances*8.4%

Institutions1.3%

Retail26.3%

At the close of 2015, this unit reported 5.70% growth at an unchanged exchange rate, in line with the average growth rate for private banks in the country.

The strategy focused on the change of mix used in recent years was continued during 2015. Stronger growth was obtained in the segments with a more conservative profile, leading to greater weight in higher credit quality products. In the individuals segment, growth in particularly strong in the mortgage portfolio and in the payroll discount (‘consignado’ credit) loans portfolio created through the joint-venture between Santander Brasil and Banco Bonsucesso. Unsecured products such as special cheque and cards have fallen in both individuals and in SMEs. In companies (legal entities), the strongest growth was to be found in the business and corporate banking portfolios, with significant positions in dollars in both cases, thus benefiting from the BRL’s depreciation against the dollar.

214


2015 ANNUAL REPORT

Below are the levels of lending and growth of the main segments at a constant exchange rate.

Lending: segmentationMillion euros. Fixed exchange rate at 31 December, 2015

2015 2014 2013 15 / 14 14 / 13

Individuals 18,964 18,399 17,549 3% 5%

Mortgages 6,107 5,168 3,823 18% 35%

Consumer 7,009 7,847 8,820 -11% -11%

Cards 4,403 4,265 3,993 3% 7%

Others 1,445 1,120 912 29% 23%

Santander Financiamentos 6,040 6,529 6,781 -7% -4%

SMEs and large companies 44,840 40,740 34,038 10% 20%

SMEs 8,440 7,976 8,413 6% -5%

Companies 11,959 10,766 9,020 11% 19%

Corporate 24,441 21,998 16,605 11% 32%

The leading indicators on the credit profile of new loans (vintages), which are continuously tracked, are shown below. These are transactions over 30 days in arrears at three and six months respectively from their origination date, in order to anticipate any possible impairment in portfolios. These allow the Entity to define corrective measures if deviations against the expected scenarios are detected. As we can see, these vintages were kept at comfortable levels through proactive risk management.

Vintages. Changes in the Over 30* ratio over time at three and six months from each vintage admissionAs a percentage

Mar

14

Jun

14

Sep

14

Dec

14

Mar

15

Apr

15

May

15

Jun

15

Jul 1

5

Aug

15

Sep

15

Mar

14

Jun

14

Sep

14

Dec

14

Mar

15

Apr

15

May

15

Jun

15

Jul 1

5

Aug

15

Sep

15

Individuals SMEs

1.7%1.5%

4.1%

2.4%

1.3%

1.4%

3.0%

2.8%

1.2% 0.7%

3.1%

1.7%

1.5%

1.4%

3.5%

3.1%

1.0%0.6%

2.8%

1.7%

1.2%1.0%

3.1%2.8%

2.6%2.4%

1.4% 0.7%

3.0% 1.9%

1.1%

1.2%1.5%

0.9%1.4% 1.3% 1.0%1.1%

* Ratio calculated as the total amount of operations that are more than 30 days overdue on the total amount of the vintage.

Over30 Mob3 Over30 Mob 6

215


2015 ANNUAL REPORT

At the close of 2015, the NPL ratio stood at 5.98% (93 b.p. against the previous year). This increase was the result of the following factors: the country’s economic recession and additional problems in industries with the highest sensitivity to commodity prices, particularly in the energy and oil sectors. Consequently, NPL entries in the Business and Santander Global Corporate Banking segments have increased.

Faced with this situation, Santander Brazil has deployed a set of measures designed to reinforce risk management. These measures are geared towards improving the quality of new lending, and also allaying the effects of this challenging economic situation on the portfolio. This set of measures, which is known as the Defence Plan, is based on preventive management of arrears, thus enabling the Bank to anticipate possible further customer impairments. The defensive measures set out in this Plan include the following:

• Reduction of limits in products/medium-high risk clients.

• Implementing limits on maximum debt.

• Migration of revolving towards fixed instalment products.

• Higher collateralisation of portfolio.

• Improvements in admission models, which have to be more precise and predictive, and in collection channels.

• More individualised treatment in SMEs of a certain size (non-standardised model).

• Management of risk appetite by sectors and restriction of powers in critical sectors.

Santander Brazil is using this proactive risk management, based on the knowledge of our customers, to strengthen its position during the current economic cycle. This is shown by the change in the impairment rate (over 90 rate) of the loan portfolio, which stood at 3.24% at the close of 2015, and which was consistently lower than the average for Brazilian private banks in 2015 (4.20%).

The cost of credit fell during the year from 4.9% in 2014 to 4.5% in 2015 due to growth in provisions being lower than the growth in lending, and also through the strategy of changing the product mix.

The NPL coverage rate stood at 83.7% at 2015 year-end, indicating an 11.7 pp decrease on the previous year-end. This fall is the result of the previously mentioned NPL rate increase, and the change in the portfolio mix, where there was an increase in the weight of mortgage lending, which requires lower provisions since it is secured by collateral.

2012 2013 2014 2015 2012 2013 2014 2015 2012 2013 2014 2015

6.90%5.64% 5.05% 5.98%

90% 95% 95%84%

7.38%6.34%

4.84% 4.50%

NPL ratio Coverage ratio Cost of credit

216


2015 ANNUAL REPORT

D.1.4. Other credit risk optics

D.1.4.1. Credit risk by activity in the financial marketsThis section covers credit risk generated in treasury activities with clients, mainly with credit institutions. This is developed through financing products in the money market with different financial institutions, as well as derivatives to provide service to Group clients.

According to chapter six of the CRR (EU regulation 575/2013), the credit risk of the counterparty is the risk that the client in an operation could enter into non-payment before the definitive settlement of the cash flows of this operation. It includes the following types of operations: derivative instruments, operations with repurchase commitment, stock lending commodities, operations with deferred settlement and financing of guarantees.

There are two methodologies for measuring the exposure, one is with the Mark to Market (MtM) methodology (replacement value of derivatives or drawn amount in committed credit lines) and the other, introduced in mid 2014 for some countries and products, which incorporates the calculation of the exposure by Monte Carlo simulation. The capital at risk or unexpected loss is also calculated, i.e. the loss which, once the expected loss has been subtracted, constitutes the economic capital, net of guarantees and recovery.

After markets close, exposures are re-calculated by adjusting all operations to their new time frame, adjusting the potential future exposure and applying mitigation measures (netting, collateral, etc), so that the exposures can be controlled directly against the limits approved by senior management. Risk control is done through an integrated system and in real time, enabling the exposure limit available with any counterparty, product and maturity and in any Group unit to be known at each moment.

Exposures in counterparty risk: over the counter (OTC) operations and organised marketsThe total exposure at the end of 2015 on the basis of management criteria in terms of positive market value after applying netting agreements and collateral by counterparty risk activities was EUR 18,761 million (net exposure of EUR 52,148 million) and was concentrated in high credit quality counterparties (78.3% of risk with counterparties has a rating equal to or more than A-).

In addition, at September 2015 credit valuation adjustments (CVA) of EUR 850.9 million were registered (+8.3% % vs. 2014 due mainly to the general decline in credit quality of the main Brazilian counterparties) and debt valuation adjustments (DVA) of EUR 530.8 million (+133%, largely due to the increase in spread of Banco Santander and to a lesser degree, as a result of changes in the corporate DVA calculation methodology)12.

Around 93% of the counterparty risk operations in nominal terms was with financial institutions and central counterparty institutions (CCP in English) with whom we operate almost entirely under netting and collateral agreements. The rest of operations with customers who are not financial institutions are, in general, operations whose purpose is hedging. Occasionally, operations are conducted for purposes other than hedging, always with specialised clients.

Distribution of counterparty risk by customer rating (in terms of nominals)*

AAA 1.06%

AA 2.52%

A 74.74%

BBB 18.69%

BB 2.95%

B 0.04%

REST 0.01%

* Ratings based on equivalences between internal ratings and credit agency ratings.

12. The definition and methodology for calculating the CVA and DVA are set out in D.2.2.2.6. Credit Valuation Adjustment (CVA) and Debt Valuation Adjustment (DVA) of this Report.

217


2015 ANNUAL REPORT

Counterparty risk: distribution by nominal risk and gross market value*Million euros

2015 2014 2013

Market value Market value Market value

Nominal Positive Negative Nominal Positive Negative Nominal Positive Negative

CDS protection bought** 32,350 80 529 38,094 60 769 45,968 86 887

CDS protection sold 26,195 428 52 31,565 658 48 38,675 763 89

Total credit derivatives 58,545 508 581 69,659 717 817 84,642 849 976

Equity forwards 980 5 6 1,055 117 17 2,125 76 20

Equity options 23,564 959 1,383 36,616 1,403 2,192 58,964 1,686 2,420

Equity spot 20,643 794 - 19,947 421 - 10,041 1,103 -

Equity swaps 28 - 1,210 472 - 701 685 - 265

Equities - organised markets 6,480 - - 8,616 - - 9,117 - -

Total equity derivatives 51,695 1,758 2,598 66,705 1,941 2,910 80,931 2,865 2,705

Fixed-income forwards 11,340 39 66 3,905 3 124 3,089 1 0

Fixed-income options 789 8 - 423 4 0 - 0 -

Fixed-income spot 3,351 - - 5,055 - - 1,906 - -

Fixed income - organised markets 831 - - 1,636 - - 2,091 - -

Total fixed income derivatives 16,311 47 66 11,018 8 124 7,086 1 0

Forward and spot rates 148,537 5,520 3,315 151,172 3,633 2,828 101,216 2,594 1,504

Exchange-rate options 32,421 403 644 44,105 530 790 46,290 604 345

Other exchange rate derivatives 189 1 4 354 3 6 125 2 1

Exchange-rate swaps 522,287 20,096 21,753 458,555 14,771 15,549 411,603 9,738 8,530

Exchange rate - organised markets - - - - - - - - -

Total exchange rate derivatives 703,434 26,019 25,716 654,187 18,936 19,173 559,233 12,940 10,380

Asset swaps 22,532 950 1,500 22,617 999 1,749 22,594 901 1,634

Call money swaps 190,328 2,460 1,792 264,723 1,228 1,150 235,981 698 608

Interest rate structures 8,969 2,314 3,031 23,491 2,215 2,940 37,398 1,997 2,553

Forward interest rates- FRAs 178,428 19 78 171,207 13 63 117,011 16 18

IRS 3,013,490 85,047 85,196 2,899,760 95,654 94,624 2,711,552 58,164 54,774

Other interest-rate derivatives 194,111 3,838 3,208 218,167 4,357 3,728 230,735 3,870 3,456

Interest rate - organised markets 26,660 - - 38,989 - - 31,213 - -

Total interest-rate derivatives 3,634,518 94,628 94,806 3,638,955 104,466 104,253 3,386,485 65,648 63,043

Commodities 468 130 40 1,020 243 112 1,363 265 78

Commodities - organised markets 59 - - 208 - - 446 - -

Total commodity derivatives 526 130 40 1,228 243 112 1,809 265 78

Total gross derivatives 4,431,000 123,089 123,805 4,392,303 126,312 127,389 4,077,320 82,567 77,183

Total derivatives - organised markets *** 34,028 49,449 42,866

Repos 128,765 3,608 3,309 166,047 3,871 5,524 152,105 9,933 7,439

Securities lending 30,115 10,361 1,045 27,963 3,432 628 19,170 2,919 672

Total counterparty risk 4,623,908 137,058 128,159 4,635,762 133,615 133,541 4,291,461 95,419 85,294

* Figures with management criteria.

** Credit derivatives bought including hedging of loans.

*** Refers to listed derivatives transactions (proprietary portfolio). Listed derivatives have a market value of zero. No collaterals are received for these types of transactions.

218


2015 ANNUAL REPORT

Counterparty risk: exposure in terms of market value and credit risk equivalent including mitigation effect1

Million euros

2015 2014 2013

Market value netting effect2 34,210 28,544 27,587

Collateral received 15,450 11,284 9,451

Exposure by market value3 18,761 17,260 18,136

Net CER4 52,148 50,077 58,485

1. Figures with management criteria. Listed derivatives have a market value of zero. No collaterals are received for these types of transactions.

2. Market value used to include the effects of mitigation agreements so as to calculate exposure for counterparty risk.

3. Considering the mitigation of the netting agreements and having deducted the collateral received.

4. CER/Credit risk equivalent: net value of replacement plus the maximum potential value, minus collateral received. Includes regulatory EAD for organised markets (EUR 41 million in December 2015, EUR 71 million in 2014 and EUR 60 million in 2013).

Counterparty risk: distribution of nominals by maturity*Million euros

1 year** 1-5 years 5-10 years Over 10 years TOTAL

CDS protection bought *** 31,583 767 0 0 32,350

CDS protection sold 23,817 2,159 219 0 26,195

Total credit derivatives 55,400 2,926 219 0 58,545

Equity forwards 822 158 0 0 980

Equity options 22,316 715 63 470 23,564

Equity spot 20,027 401 0 215 20,643

Equity swaps 27 1 0 0 28

Equities - organised markets 4,563 1,915 1 0 6,480

Total equity derivatives 47,756 3,190 64 685 51,695

Fixed-income forwards 11,001 313 12 14 11,340

Fixed-income options 262 527 0 0 789

Fixed-income spot 2,504 603 99 146 3,351

Fixed income - organised markets 831 0 0 0 831

Total fixed income derivatives 14,598 1,442 111 160 16,311

Forward and spot rates 136,304 10,169 929 1,136 148,537

Exchange-rate options 29,919 1,842 283 377 32,421

Other exchange rate derivatives 159 28 2 0 189

Exchange-rate swaps 491,960 21,691 4,985 3,652 522,287

Exchange rate - organised markets - - - - -

Total exchange rate derivatives 658,342 33,729 6,198 5,165 703,434

Asset swaps 6,483 15,585 243 220 22,532

Call money swaps 181,909 4,622 2,621 1,176 190,328

Interest rate structures 8,522 434 10 3 8,969

Forward interest rates- FRAs 178,240 47 141 0 178,428

IRS 2,871,123 94,584 35,985 11,798 3,013,490

Other interest-rate derivatives 176,529 11,752 4,815 1,016 194,111

Interest rate - organised markets 13,725 12,935 0 0 26,660

Total interest-rate derivatives 3,436,530 139,959 43,815 14,213 3,634,518

Commodities 422 45 0 1 468

Commodities - organised markets 35 24 0 0 59

Total commodity derivatives 457 68 0 1 526

Total gross derivatives 4,193,930 166,439 50,406 20,225 4,431,000

Total derivatives - organised markets **** 19,153 14,874 1 0 34,028

Repos 114,485 9,417 3,035 1,828 128,765

Securities lending 17,989 6,462 3,892 1,772 30,115

Total counterparty risk 4,345,557 197,192 57,334 23,825 4,623,908


** The collateral replacement term is considered to be the maturity date in transactions with collateral agreements.

*** Credit derivatives acquired including hedging of loans.

**** Refers to listed bought transactions (proprietary). Listed derivatives have a market value of zero. No collaterals are received for these types of transactions.

219


2015 ANNUAL REPORT

The distribution of the activity by type of counterparty in terms of notional amounts was concentrated mainly in financial institution (47%) and central clearing counterparties (46%).

Companies1%

Sovereign/Supranational

2%Corporate4%

Central clearing counterparties

46%

Financial institution47%

Counterparty risk by customer type

As regards to geographic distribution, 55% of the activity in terms of notional amounts was with UK counterparties (whose weight within the total is due to the increasing use of clearing houses), 15% with North American counterparties, 7% with French ones, 6% with Spanish counterparties, and of note among the rest is 11% with other European countries and 4% with Latin America.

Counterparty risk, organised markets and clearing housesThe Group’s policies seek to anticipate wherever possible the implementation of measures resulting from new regulations regarding operations of OTC derivatives, repos and stock lending, both if settled by clearing house or if remaining bilateral. In recent years, there has been a gradual standardisation of OTC operations in order to conduct clearing and settlement via houses of all new trading operations required by the new rules, as well as foster internal use of the electronic execution systems.

As regards the operations of organised markets, although counterparty risk management is not considered to include credit risk for this type of transaction13, since the coming into force of the new CRD IV (Capital Requirements Directive) and CRR (Capital Requirements Regulation) - which transpose the principles of Basel III - in 2014, regulatory credit exposure for these types of transactions form part of capital calculations.

The following table show the relative share in total derivatives of new operations settled by clearing house at close of 2015 and the significant evolution of operations settled by clearing house since 2013.

Spain6%

Latin America4%

Others2%

Rest of Europe11%

US15%

UK55%

Counterparty risk by geography

France7%

Distribution of counterparty risk in accordance with settlement channel and product type*Nominal in million euros

Bilateral CCP** Organised markets ***

Nominal % Nominal % Nominal % Total

Derivatives 56,767 97.0% 1,778 3.0% - 0.0% 58,545

Equity derivatives 45,174 87% 42 0.1% 6,479 12.5% 51,695

Fixed-income derivatives 15,415 94.5% 65 0.4% 831 5.1% 16,311

Exchange rate derivatives 691,679 98.3% 11,755 1.7% - 0.0% 703,434

Interest rate derivatives 1,564,716 43.1% 2,043,142 56.2% 26,660 0.7% 3,634,518

Commodities derivatives 468 88.9% - 0.0% 58.6 11.1% 526

Repos 84,086 65.3% 44,679 34.7% - 0.0% 128,765

Securities lending 30,115 100.0% - 0.0% - 0.0% 30,115

Total general 2,488,419 53.8% 2,101,460 45.4% 34,028 0.7% 4,623,908

*

**

***

Figures with management criteria.

Central counterparties (CCP).

Refers to listed derivatives transactions (proprietary portfolio). Listed derivatives have a market value of zero. No collaterals are received for these types of transactions.

13. Credit risk is eliminated by the organised markets acting as counterparty in the transactions, as they are equipped with mechanisms to safeguard their financial position using deposit and collateral replacement systems and processes to ensure liquidity and transparency in transactions.

220


2015 ANNUAL REPORT

Distribution of risk settled by CCP and organised markets by product and change over time*Nominal in million euros

2015 2014 2013

Credit derivatives 1,778 1,764 949

Equity derivatives 6,522 8,686 9,228

Fixed-income derivatives 896 1,651 2,092

Exchange rate derivatives 11,755 484 616

Interest rate derivatives 2,069,802 1,778,261 1,321,709

Commodities derivatives 59 208 446

Repos 44,679 57,894 55,435

Securities lending - - 46

Total 2,135,489 1,848,948 1,390,519


The Group actively manages operations not settled by clearing house and seeks to optimise their volume, given the requirements of spreads and capital that the new regulations impose on them.

In general, transactions with financial institutions are done under netting and collateral agreements, and constant efforts are made to ensure that the rest of operations are covered under this type of agreement. Generally, the collateral agreements that the Group signs are bilateral ones with some exceptions mainly with multilateral institutions and securitisation funds.

The collateral received under the different types of collateral (CSA, OSLA, ISMA, GMRA, etc) signed by the Group amounted to EUR 15,450 million (of which EUR 11,524 million corresponded to collateral received by derivatives), mostly effective (81%), and the rest of the collateral types are subject to strict policies of quality as regards the type of issuer and its rating, debt seniority and haircuts applied.

The chart below shows the geographic distribution:

Mexico6%

Chile8%

UK16%

Spain66%

Other4%

Collateral received. Geographic distribution

Off-balance sheet credit risk The off-balance sheet risk corresponding to funding and guarantee commitments with wholesale clients was EUR 90,795 million and with the following distribution by products:

Off balance sheet exposureMillion euros

Maturity

Product< 1

year1-3

year3-5

year> 5

year Total

Funding* 11,207 13,728 33,229 6,329 64,493

Technical guarantees 3,589 10,034 1,667 281 15,571

Financial and commercial guarantees 3,998 4,396 986 684 10,065

Foreign trade** 451 119 92 4 665

Total 19,245 28,277 35,974 7,298 90,795

* Mainly including credit lines committed bilaterally and syndicated.

** Mainly including stand-by letters of credit.

Activity in credit derivativesGrupo Santander uses credit derivatives to cover loans, customer business in financial markets and within trading operations. The volume of this activity is small compared to that of our peers and, moreover, is subject to a solid environment of internal controls and minimising operational risk.

The risk of these activities is controlled via a broad series of limits such as Value at Risk (VaR)14, nominal by rating, sensitivity to the spread by rating and name, sensitivity to the rate of recovery and to correlation. Jump-to-default limits are also set by individual name, geographic area, sector and liquidity.

In notional terms, the CDS position incorporates EUR 28,335 million15 of acquired protection and EUR 26,190 million of sold protection.

At December 31, 2015, the sensitivity of lending to increases in spreads of one basis point was marginal, and much lower than in 2014, of - EUR 1.5 million, and the average VaR was EUR 2.4 million, lower than in 2014 (EUR 2.9 million).

D.1.4.2. Risk of concentrationControl of risk concentration is a vital part of management. The Group continuously tracks the degree of concentration of its credit risk portfolios using various criteria: geographic areas and countries, economic sectors, products and groups of clients.

The board, via the risk appetite, determines the maximum levels of concentration, as detailed in section B.3.1. Risk appetite and structure of limits. In line with the risk appetite, the executive risk committee establishes the risk policies and reviews the exposure levels appropriate for adequate management of the degree of concentration of the credit risk portfolios.

14. The VaR definition and calculation methodology is in section D.2.2.2.1. Value at Risk (VaR) of this Report.

15. This figures excludes around EUR 3,189 million nominal of CDS which cover loans that for accounting purposes are recorded as financial guarantees instead of credit derivatives as their change in value has no impact on results or reserves in order to avoid accounting asymmetry.

221


2015 ANNUAL REPORT

In geographic terms, credit risk with customers is diversified in the main markets in which the Group operates, as shown in the chart below.

US11%

Other20%

Chile4%

Portugal4%

UK33%

Spain20%

Brazil8%

Credit risk with customers

Some 57% of the Group’s credit risk corresponds to individual customers, who, due to their inherent nature, are highly diversified. In addition, the portfolio is also well distributed by sectors, with no significant concentrations in specific sectors. The following chart shows the distribution at the end of the year.

Transport and communications 3%

Other business services 3%

Hotels 1%

Real estate activity6%

Commerce and repairs 5%

Construction 3%

Metallurgy 1%

Other social services 1%

Refined oil 1%

Other financial intermediaries 2%

Food, drink and tobacco 1%

Civil engineering 2%

Other manufacturing industries 3%

Prod. & distrib. of elect., gas & water 2%

Other <1% 8%

Individuals 57%

Sector diversification

The Group is subject to the regulation on large risks contained in the fourth part of the CRR (EU regulations 575/2013), according to which the exposure contracted by an entity with a client or group of clients linked among themselves will be considered a ‘large exposure’ when its value is equal to or more than 10% of the eligible capital. In addition, in order to limit the large exposures no entity can assume with a client or group of linked clients an exposure whose value exceeds 25% of its eligible capital, after taking into account the impact of the reduction of credit risk contained in the regulation.

At December 2015, after applying risk mitigation techniques and regulations applicable to large risks, all the declared groups were below 4.9% of eligible equity except for two entities: a central EU counterparty entity which was 7.3%, and an EU corporate group with 6.8%.

The regulatory credit exposure with the 20 largest groups within the sphere of large risks represented 5.8% of outstanding credit risk with clients (lending plus balance sheet risks). As for regulatory credit exposure with financial institutions, the top 10 represented EUR 19,119 million.

The Group’s risks division works closely with the financial division to actively manage credit portfolios. Its activities include reducing the concentration of exposures through various techniques such as using credit derivatives and securitisation to optimise the risk- return relation of the whole portfolio.

D.1.4.3. Country riskCountry risk is a component of credit risk in all cross-border credit operations for circumstances different to the usual commercial risk. Its main elements are sovereign risk, the risk of transfer and other risks that could affect international financial activity (wars, natural disasters, balance of payments crisis, etc).

At 31 December 2015 , exposure to potential country-risk provisions was EUR 193 million (EUR 176 million in December 2014). At the close of 2015, total provisions stood at EUR 25 million compared with EUR 22 million at the end of the previous year.

The principles of country risk management continued to follow criteria of maximum prudence; country risk is assumed very selectively in operations that are clearly profitable for the bank, and which enhance the global relationship with customers.

222


2015 ANNUAL REPORT

D.1.4.4. Sovereign risk and vis-á-vis the rest of public administrations As a general criterion, sovereign risk is that contracted in transactions with a central bank (including the regulatory cash reserve requirement), the issuer risk of the Treasury or similar entity (portfolio of public debt) and that arising from operations with public institutions with the following features: their funds only come from the state’s budgeted income and the activities are of a non-commercial nature.

This criterion, historically used by Grupo Santander, has some differences with that of the European Banking Authority (EBA) used for its regular stress exercises. The main ones are that the EBA’s criterion does not include risk with central banks, exposures with insurance companies, indirect exposures via guarantees and other instruments. On the other hand, it includes public administrations in general (including regional and local ones) and not only the state sector.

Exposure to sovereign risk (according to the criteria applied in the Group) mainly emanates from the obligations to which our subsidiary banks are subject regarding the establishment of certain deposits in central banks, the establishment of deposits with the excess of liquidity and of fixed-income portfolios maintained within the risk management strategy for structural interest of the balance sheet and in trading books in treasuries. The great majority of these exposures are in local currency and are funded on the basis of customer deposits captured locally, and also in local currency.

Exposures in the local sovereign but in currencies different to the official one of the country of issuance is not very significant (EUR 11,116 million, 5.6% of the total sovereign risk), and less so the exposure in non-local sovereign issuers, which means cross- border risk (EUR 2,719 million, 1.38% of total sovereign risk).

In general, the total exposure to sovereign risk has remaimed at adequate levels to support the regulatory and strategic motives of this portfolio.

The investment strategy for sovereign risk also takes into account the credit quality of each country when setting the maximum exposure limits. The following table shows the percentage of exposure by rating levels16.

Exposure by level of rating %

30 Sep. 2015 31 Dec. 2014 31 Dec. 2013

AAA 34% 29% 36%

AA 4% 4% 6%

A 22% 28% 27%

BBB 33% 32% 26%

Lower than BBB 7% 7% 5%

Exposure to sovereign risk (EBA criteria)Million euros

31 Dec 2015 PortfolioTrading

and Held to Total net Others Available Loan maturity direct

at FV for sale portfolio portfolio exposureSpain 8,954 26,443 11,272 2,025 48,694Portugal 104 7,916 1,987 0 10,007Italy 2,717 0 0 0 2,717Greece 0 0 0 0 0Ireland 0 0 0 0 0Rest Eurozone (211) 143 69 0 1UK (786) 5,808 141 0 5,163Poland 13 5,346 42 0 5,401Rest of Europe 120 312 238 0 670US 280 4,338 475 0 5,093Brazil 7,274 13,522 947 2,186 23,929Mexico 6,617 3,630 272 0 10,519Chile 193 1,601 3,568 0 5,362Rest of America 155 1,204 443 0 1,802Rest of the world 3,657 1,687 546 0 5,890Total 29,087 71,950 20,000 4,211 125,248

31 Dec 2014 Portfolio Total net

Trading and Available Loan direct Others at FV for sale portfolio exposure

Spain 5,778 23,893 15,098 44,769Portugal 104 7,811 589 8,504Italy 1,725 0 0 1,725Greece 0 0 0 0Ireland 0 0 0 0Rest Eurozone (1,070) 3 1 (1,066)UK (613) 6,669 144 6,200Poland 5 5,831 30 5,866Rest of Europe 1,165 444 46 1,655US 88 2,897 664 3,649Brazil 11,144 17,685 783 29,612Mexico 2,344 2,467 3,464 8,275Chile 593 1,340 248 2,181Rest of America 181 1,248 520 1,949Rest of the world 4,840 906 618 6,364Total 26,284 71,194 22,205 119,683

16. Based on internal ratings.

223


2015 ANNUAL REPORT

The sovereign risk distribution by rating level was affected in the last few years by many rating revisions of the sovereign issuers of the countries where the Group operates.

On the basis of the EBA criteria already mentioned, the exposure to public administrations at the end of each of the last three years was as follows (figures in million euros)17.

Exposure is moderate and the levels are similar to those in 2014. The sovereign risk exposure of Spain (where the Group has its headquarters) is not high in terms of total assets (3.6% at the end of December 2015), compared to its peers.

The sovereign exposure in Latin America is almost all in local currency, recorded in local books and concentrated in short-term maturities of lower interest rate risk and greater liquidity.

31 Dec 2013 Portfolio Total net

Trading and Available Loan direct Others at FV for sale portfolio exposure

Spain 4,359 21,144 12,864 38,367Portugal 149 2,076 583 2,807Italy 1,310 77 0 1,386Greece 0 0 0 0Ireland 0 0 0 0Rest Eurozone (1,229) 67 0 (1,161)UK (1,375) 3,777 0 2,402Poland 216 4,770 43 5,030Rest of Europe 5 117 0 122US 519 2,089 63 2,671Brazil 8,618 8,901 223 17,743Mexico 3,188 2,362 2,145 7,695Chile (485) 1,037 534 1,086Rest of America 268 619 663 1,550Rest of the world 5,219 596 148 5,964Total 20,762 47,632 17,268 85,661

Exposure to sovereign risk (EBA criteria)Million euros

Sovereign and rest of public administrations risk: Net direct exposure (EBA criterion)Million euros

120,000

100,000

80,000

60,000

40,000

20,000

0

Dec 13 Dec 14 Dec 15

Other Latin America Rest of Europe Spain

D.1.4.5. Social and environmental risk Banco Santander considers social and environmental issues to be a crucial part of risk analysis and decision making processes in its financing transactions. The Bank has applied process to identify, analyse and assess credit transactions subject to Group policy, policies based on the Equator Principle criteria, which the Bank signed up to 2009. In accordance with these principles, the social and environmental impact of project finance operations and corporate loans with a known purpose (bridging loans with forbearance envisaged via project finance and corporate financing to construct or increase a specific project) is analysed.

The methodology used is set out below.

• For project finance operations with an amount equal to or more than $10 million, corporate loans with known destiny for a project with an amount equal to more than $100 million, with Santander’s share equal to or more than $50 million, an initial questionnaire is filled out, of a generic nature, designed to establish the project’s risk in the socio-environmental sphere (according to categories A, B and C, from greater to lower risk, respectively) and the operation’s degree of compliance with the Equator Principles.

• For those projects classified within the categories of greater risk (categories A and B), a more detailed questionnaire has to be filled out, adapted according to the sector of activity.

• According to the category and location of the projects a social and environmental audit is carried out (by independent external auditors). The Bank also gives training courses in social and

17. In addition at December 31, 2015, the Group maintained direct net exposures in derivatives whose reasonable value was EUR 2,070 million, as well as indirect net exposures in derivatives whose reasonable value was EUR 25 million.

224


2015 ANNUAL REPORT

environmental matters to risk teams as well as to those responsible for business of all the areas involved.

In 2015, the Group took part in funding 55 projects under the Equator principles. The total amount of debt in these 55 projects amounts to EUR 29,953 million.

During the second half of 2015, the Bank’s social-environmental task force, led by the Chief Compliance Officer, with representatives of the Compliance, Corporate Communications, Marketing and Research, Risks, Business, Internal Governance and Legal Counsel corporate areas, has carried out a project to analyse and improve the status of social-environmental policies. The analysis has been based on a benchmarking exercise with six of Santander’s peers who have a similar size and geographical location, including the most important NGO (Non-Governmental Organisations) trends in this field.

As a result of this analysis, improvements to socio-environmental policies were proposed and were approved by the Bank’s board of directors on 22 December 2015. The proposals will now be gradually applied in the different Santander geographies.

Sector wide policies establish the criteria used to limit financial activities relating to the defence, energy and soft commodities (e.g. products such as palm oil, soy and timber) sectors. These policies prohibit banks from funding certain activities, and place restrictions on others (transactions which will be closely monitored due to their social and environmental risk, and which will only be approved if they meet certain requirements). The review of policies not only includes new activities and sectors, but also defines a broader scope of application compared to those applied until 2015, given that the restricted transactions are applied across the board in wholesale banking, and the bans are applied to all transactions.

D.1.5. Credit risk cycle

The process of credit risk management consists of identifying, analysing, controlling and deciding on the risks incurred by the Group’s operations. The business areas, senior management and the risk areas are all involved.

The board and the executive risk committee take part in the process, to set the risk policies and procedures, the limits and delegation of powers, and approve and supervise the framework of the risk function.

The risk cycle has three phases: pre-sale, sale and post-sale. The process is constantly revised, incorporating the results and conclusions of the after-sale phase to the study of risk and presale planning.

1. Study of risk and credit classification process

2. Planning (Commercial strategic plan - CSP) and setting of limits• Analysis of scenarios

3. Establishing limits / pre-approved limits

4. Decision on operations• Mitigants

5. Monitoring6. Measurement and control7. Recovery management

• Impaired and restructured portfolio

CONTROL

Pre-sale Sale Post-sale

RISK CYCLE

D.1.5.1. Study of risk and credit rating processGenerally speaking, risk study consists of analysing a customer’s capacity to meet his contractual commitments with the Bank and other creditors. This entails analysing the customer’s credit quality, risk operations, solvency and profitability to be obtained on the basis of the risk assumed.

With this objective, since 1993 the Group has made use of models to allocate customer solvency classifications, which are known as ratings. These mechanisms are used in the wholesale segment (sovereign, financial institutions and corporate banking), as well as the rest of companies and institutions in this category.

The rating is the result of a quantitative model based on balance sheet ratios or macroeconomic variables, which is supplemented by the expert advice of the analyst.

The ratings given to customers are regularly reviewed, incorporating the latest available financial information and experience in the development of banking relations. The regularity of the reviews increases in the case of customers who reach certain levels in the automatic warning systems and in those classified as special watch. The rating tools are also revised in order to adjust the accuracy of the rating granted.

While ratings are used for wholesale and other companies and institutions, scoring techniques are used more commonly for the individuals and SMEs segment. In the latter type, a score is assigned to the customer for decision making, as set out in the ‘Decisions on operations’ section.

225


2015 ANNUAL REPORT


2. Planning (Commercial strategic plan-CSP) and setting of limits• Analysis of scenarios





CONTROL


RISK CYCLE

D.1.5.2. Planning (Strategic Commercial Plan)The purpose of this phase is to limit efficiently and comprehensively the risk levels assumed by the Group.

The credit risk planning process serves to set the budgets and limits at portfolio level. Planning is articulated via the strategic commercial plan, ensuring the conjunction of the business plan, the credit policy on the basis of the risk appetite and of the necessary resources to achieve it. It has come about, therefore, as a joint initiative between the commercial area and risks, and is meant to be not only a management tool but also a form of teamwork.

The highest executive risk committee of each entity is responsible for authorising the monitoring the plan. It is validated and monitored at corporate level.

The SCPs are used to arrange the map of all the Group’s lending portfolios.

Analysis of scenariosIn line with what is described in section B.3.3. Analysis of scenarios of this Report, credit risk scenario analysis enables senior management to better understand the portfolio’s evolution in the face of market conditions and changes in the environment. It is a key tool for assessing the sufficiency of the provisions made and the capital to stress scenarios.

These exercises are carried out for all the Group’s relevant portfolios and are articulated as follows:

• Definition of reference scenarios (at both the global level as well as for each of the Group’s units).

• Determining the value of the risk parameters and metrics (probability of default, loss at default, etc) to different scenarios.

• Estimated expected loss associated with each one of the scenarios put forward and the other important credit risk metrics deriving from the parameters obtained (NPLs, provisions, ratios, etc.).

• Analysis of the evolution of the credit risk profile at the portfolio, segment, unit and Group levels in the face of different scenarios and compared to previous years.

The simulation models employed by the Group use data from a complete economic cycle in order to calibrate the performance of risk factors in the face of changes in macroeconomic variables. These models are submitted to backtesting processes and regular fine tuning

in order to guarantee they reflect correctly the relationship between macroeconomic variables and risk parameters.

A series of controls and comparisons are run to ensure that the metrics and calculations are adequate, thus completing the process.

The projections of the risk and loss parameters, normally with a time frame of three years, are executed under various economic scenarios which include the main macroeconomic variables (GDP, unemployment rate, house prices, inflation, etc).

The economic scenarios defined are backed by different levels of stress, from the baseline scenario or the most probable one to stress scenarios which, although unlikely, are possible.

These scenarios are defined by Grupo Santander’s research department in coordination with the counterparts of each unit and using as a reference the figures published by the main international institutions.

A global stress scenario is defined describing a world crisis situation and the way it would affect each of the countries in which the Grupo Santander operates. In addition, a local stress scenario is defined which affects in an isolated way some of the main units and with a greater degree of stress than the global stress scenario.

The entire process takes place within a corporate governance framework, and is thus adapted to the growing importance of this framework and to best market practices, assisting the Group’s senior management in obtaining knowledge and decision making.


2. Planning (Commercial strategic plan - CSP) and setting of limits • Analysis of scenarios

3. Establishing limits/ pre-approved limits




CONTROL


RISK CYCLE

D.1.5.3. Establishing limits / pre-approved limitsLimits are planned and established using documents agreed between the business and risk areas and approved by the executive risk committee or committees delegated by it, and in which the expected results of business, in terms of risk and return are set out, as well as the limits to which this activity is subject and management of the associated risks by group / customer.

At the same time, in the wholesale sphere and the rest of companies and institutions analysis is conducted at the client level. When certain circumstances concur, the client is assigned an individual limit (pre-approved limit).

226


2015 ANNUAL REPORT

In this way, a pre-classification model based on a system for measuring and monitoring economic capital is used for large corporate groups. The result of pre-classification is the maximum risk level that a client or group can assume in terms of amount of maturity. A more streamlined version of pre-approved limits is used for those companies which meet certain requirements (high knowledge, rating, etc).


2. Planning (Commercial strategic plan - CSP) and setting of limits • Analysis of scenarios





CONTROL


RISK CYCLE

D.1.5.4. Decisions on operationsThe sales phase consists of the decision-taking process which analyses and resolves operations. Approval by the risks area is a prior requirement before contracting any risk operation. This process must take into account the policies defined for approving operations and take into consideration both the risk appetite as well as those elements of the operation that are relevant in the search for the right balance between risk and profitability.

In the sphere of individual customers, companies and SMEs with lower revenue, large volumes of credit operations can be managed more easily with the use of automatic decision models for classifying the customer/transaction binomial. Lending is classified into homogeneous risk groups, on the basis of the information on the features of the operation and of its owner.

As already indicated, the prior phase of setting limits can follow two different paths, giving rise to different types of decision in the sphere of companies:

• Automatic and verifying if there is capacity for the proposed operation (in amount, product, maturity and other conditions) within the limits authorised under the framework of pre- classification. This process is generally applied to corporate pre- classifications.

• Always requiring the authorisation of the analyst although the operation meets the amount, maturity and other conditions set in the pre-approved limit. This process applies to the pre-classification of companies under individualised management of retail banking.

Credit risk mitigation techniquesGrupo Santander applies various forms of credit risk reduction on the basis, among other factors, of the type of client and product. As we will later see, some are inherent in specific operations (for example, real estate guarantees) while others apply to a series of operations (for example, netting and collateral).

The various mitigation techniques can be grouped into the following categories:

Determination of a net balance by counterpartyNetting is the possibility of determining a net balance between operations of the same type, under the umbrella of a framework agreement such as ISDA or similar.

It consists of aggregating the positive and negative market values of derivative transactions that Santander has with a certain counterparty, so that in the event of default it owes (or Santander owes, if the net is negative) a single net figure and not a series of positive or negative values corresponding to each operation closed with the counterparty.

An important aspect of the contracts framework is that they represent a single legal obligation that covers all operations. This is fundamental when it comes to being able to net the risks of all operations covered by the contract with a same counterparty.

Real guaranteesThese are those goods that are subject to compliance with the guaranteed obligation and which can be provided not only by the client but also by a third party. The real goods or rights that are the object of the guarantee can be:

• Financial: cash, deposit of securities, gold, etc.

• Non-financial: property (both homes as well as commercial premises, etc), other property goods.

From the standpoint of risk admission, the highest level of real guarantees is required. In order to calculate the regulatory capital, only those guarantees that meet the minimum qualitative requirements set out in the Basel agreements are taken into consideration.

A very important example of a real financial guarantee is collateral. This is a series of instruments with a certain economic value and high liquidity that are deposited/transferred by a counterparty in favour of another in order to guarantee/reduce the credit risk of the counterparty that could result from portfolios of transactions of derivatives with risk existing between them.

The nature of these agreements is diverse, but whatever the specific form of collateralisation, the final purpose, as in the netting technique, is to reduce the counterparty risk.

The operations subject to the collateral agreement are regularly valued (normally day to day) and, on the net balance resulting from this valuation, the parameters defined in the contract are applied so that a collateral amount is obtained (normally cash or securities), which is to be paid to or received from the counterparty.

As regards property collaterals, there are regular re-appraisal processes, based on real market values for the different types of property, which meet all the requirements set by the regulator.

227


2015 ANNUAL REPORT

Implementation of the mitigation techniques follows the minimum requirements established in the manual of credit risk management policies, and consists of ensuring:

• Legal certainty. The possibility of legally requiring the settlement of guarantees must be examined and ensured at all times.

• The lack of substantial positive correlation between the counterparty and the value of the collateral.

• The correct documentation of all guarantees.

• The availability of documentation of the methodologies used for each mitigation technique.

• Adequate monitoring and regular control.

Personal guarantees and credit derivativesThis type of guarantees corresponds to those that place a third party in a position of having to respond to obligations acquired by another to the Group. It includes, for example, sureties, guarantees, stand-by letters of credit, etc. The only ones that can be recognised, for the purposes of calculating capital, are those provided by third parties that meet the minimum requirements set by the supervisor.

Credit derivatives are financial instruments whose main objective is to cover the credit risk by acquiring protection from a third party, through which the bank transfers the issuer risk of the underlying asset. Credit derivatives are over the counter (OTC) instruments that are traded in non-organised markets. The coverage with credit derivatives, mainly through credit default swaps, is contracted with front line banks.

The information on mitigation techniques is in ‘Credit risk reduction techniques of the Prudential Relevance Report (Pillar III)’. There is also more information on credit derivatives in the section ‘Activity in credit derivatives’ in section D.1.4.1. Credit risk by activity in financial markets of this Report.







CONTROL


RISK CYCLE

D.1.5.5. Monitoring / AnticipationMonitoring is a continuous process of constant observation, which allows changes that could affect the credit quality of clients to be detected early on, in order to take measures to correct the deviations that impact negatively.

Monitoring is based on segmentation of customers, and is carried out by local and global risk dedicated teams, supplemented by internal audit. In the individuals model, this function is carried out through customer behaviour assessment models.

The function consists, among other things, of identifying and tracking clients under special monitoring, reviewing ratings and continuous monitoring of indicators of standardised clients.

The system called companies in special monitoring (FEVE) identifies four levels on the basis of the degree of concern arising from the circumstances observed (extinguish, secure, reduce, monitor). The inclusion of a company in FEVE does not mean there have been defaults, but rather the advisability of adopting a specific policy toward that company and establishing the person and time frame for it. Clients in FEVE are reviewed at least every six months, and every quarter for the most serious cases. A company can end up in special watch as a result of monitoring, a review conducted by internal audit, a decision of the person responsible for the company or the entry into functioning of the system established for automatic warnings.

Ratings are reviewed at least every year, but if weaknesses are detected, or on the basis of the rating, it is done more regularly.

As regards the risks of individual clients, businesses and SMEs with a low turnover, the main indicators are monitored in order to detect shifts in the performance of the loan portfolio with respect to the forecasts made in the credit management programmes.





5. Monitoring6. Measurement

and control7. Recovery management


CONTROL


RISK CYCLE

D.1.5.6. Measurement and controlAs well as monitoring clients’ credit quality, Grupo Santander establishes the control procedures needed to analyse the current credit risk profile and its evolution, through different credit risk phases.

The function is developed by assessing the risks from various perspectives that complement one another, establishing as the main elements control by countries, business areas, management models, products, etc, facilitating early detection of points of specific attention, as well as preparing action plans to correct any deteriorations.

228


2015 ANNUAL REPORT

Each element of control admits two types of analysis:

1. Quantitative and qualitative analysis of the portfolio Analysis of the portfolio controls, permanently and systematically, the evolution of risk with respect to budgets, limits and standards of reference, assessing the impacts of future situations, exogenous as well as those resulting from strategic decisions, in order to establish measures that put the profile and volume of the risks portfolio within the parameters set by the Group.

The credit risk control phase uses, among others and in addition to traditional metrics, the following metrics:

• CMN (Change in Managed NPLs plus net write-offs)

The CMN measures how NPLs change during a period, discounting write-offs and taking loan loss recoveries into account.

It is an aggregate measure at portfolio level that allows a response to deteriorations observed in the evolution of NPLs.

It is the result of the final balance less the initial balance of non- performing loans of the period under consideration, plus the write-offs in this period less loan loss recoveries in the same period.

The VMG and its components play a key role as variables of monitoring.

• Expected loss (EL) and capital

Expected loss is the estimate of the economic loss that would occur during the next year of the portfolio existing at a given moment.

It is one more cost of activity, and must impact on the price of operations. Its calculation is mainly based on three parameters:

• Exposure at Default (EaD): maximum amount that could be lost as a result of a default.

• Probability of Default (PD): the probability of a client’s default during the year.

• Loss Given Default (LGD): this reflects the percentage of exposure that could not be recovered in the event of a default. It is calculated by discounting at the time of the default the amounts recovered during the whole recovery process and this figure is then compared in percentage terms with the amount owed by the client at that moment.

Other relevant aspects regarding the risk of operations are covered, such as quantification of off-balance sheet exposures or the expected percentage of recoveries, related to the guarantees associated with the operation, as well as other issues such as the type of product, maturity, etc.

The risk parameters also enable economic and regulatory capital to be calculated. The integration in management of the metrics of capital is vital for rationalising its use. More detail is available in chapter D.8. Capital risk.

2.- Evaluation of the control processesEvaluation of the control processes includes systematic and regular revision of the procedures and methodology, developed throughout the credit risk cycle, in order to guarantees their effectiveness and validity.

In 2006, within the corporate framework established in the Group for compliance with the Sarbanes Oxley law, a corporate tool was established in the Group’s intranet to document and certificate all the sub processes, operational risks and controls that mitigate them. The risks division assesses every year the efficiency of internal control of its activities.





5. Monitoring6. Measurement and control7. Recovery management • Impaired and

restructured portfolio

CONTROL


RISK CYCLE

D.1.5.7. Recovery managementRecovery activity is a significant element in the Bank’s risk management. This function is carried out by the recovery area, which defines a global strategy and an enterprise wide focus on recovery management.

The Group has a corporate management model which sets the guidelines and general lines of action to be applied in the various countries, always taking into account the local particularities that the recovery activity requires (economic environment, business model or a mixture of both). The recovery areas are business areas that directly manage clients; the corporate model thus has a business focus, whose creation of value on a sustained basis is based on effective and efficient collection management, whether by regularisation of balances pending payment or by total recovery.

The recovery management model requires adequate co-ordination of all the management areas (business of recoveries, commercial, technology and operations, human resources and risks). It is subject to constant review and continuous improvement in the processes and management methodology that sustain it, through applying the best practices developed in the various countries.

In order to conduct recovery management adequately, it is done in four phases: irregularity or early non-payment, recovery of non-performing loans, recovery of write-offs and management of foreclosed assets. Indeed, the recovery function begins before the first non-payment when the client shows signs of deterioration and ends when the debt has been paid or regularised. The function aims to anticipate non-compliance and is focused on Pre-saletive management.

The current macroeconomic environment directly impacts the non-payment index and customers’ bad loans. The quality of portfolios is thus fundamental for the development and growth of our businesses in different countries. Debt reimbursement and recovery functions

229


2015 ANNUAL REPORT

are given a special and continuous focus, in order to ensure that this quality always remains within the expected levels.

The diverse features of our clients makes segmentation necessary in order to manage recoveries adequately. Massive management of large collectives of clients with similar profiles and products is conducted through processes with a high technological component, while personalised management focuses on customers that, because of their profile, require a specific manager and more individualised management.

Recovery activity has been aligned with the socio-economic reality of various countries and different risk management mechanisms, with adequate criteria of prudence, have been used on the basis of their age, guarantees and conditions, always ensuring, as a minimum, the required classification and provisions.

Particular emphasis in the recovery function is placed on management of the aforementioned mechanisms for early management, in line with corporate policies, taking account of the various local realities and closely tracking vintages, stocks and performance. These policies are renewed and regularly adopted in order to reflect both the better management practices as well as the regulatory changes applied.

As well as measures focused on adapting operations to the client’s payment capacity, also noteworthy is recovery management seeking solutions other than judicial ones for advance payment of debts.

One of the ways to recover debt from clients, who have suffered a severe deterioration in their repayment capacity, is repossession (judicial or in lieu of payment) of the real estate assets that serve as guarantees of the loans. In countries with a high exposure to real estate risk, such as Spain, there are very efficient sales management instruments which enable the capital to be returned to the bank and reduce the stock in the balance sheet at a much faster speed than the rest of banks.

230

2015 ANNUAL REPORT

Risk profile > Trading market risk and structural risks5. Risk management report

D.2. Trading market risk and structural risks


We will first describe the activities subject to market risk, setting out the different types and risk factors.

Then we will look at each one of the market risks on the basis of the finality of the risk, distinguishing the risk of market trading and structural risks, and, within the latter, structural risks of the balance sheet and pension and actuarial risks.

The most relevant aspects to take into account such as the principal magnitudes and their evolution are set out for each type of risk, the methodologies and metrics employed in Santander and the limits used for their control.

D.2.1. Activities subject to market risk and types of market risk

The scope of activities subject to market risk includes transactions in which net worth risk is borne due to changes in market factors. Thus they include trading risks and also structural risks which are also affected by market shifts.

This risk comes from the change in risk factors—interest rates, inflation rates, exchange rates, share prices, the spread on loans, commodity prices and the volatility of each of these elements— as well as from the liquidity risk of the various products and markets in which the Group operates.

• Interest rate risk is the possibility that changes in interest rates could adversely affect the value of a financial instrument, a portfolio or the Group as a whole. It affects loans, deposits, debt securities, most assets and liabilities in the trading books and derivatives, among others.

• Inflation rate risk is the possibility that changes in inflation rates could adversely affect the value of a financial instrument, a portfolio or the Group as a whole. It affects instruments such as loans, debt securities and derivatives, whose return is linked to inflation or to an actual change in the rate.

• Exchange rate risk is the sensitivity of the value of a position in a currency different to the base currency to a potential movement in exchange rates. Hence, a long or open position in a foreign currency will produce a loss if that currency depreciates against the base currency. Among the positions affected by this

231

2015 ANNUAL REPORT


risk are the Group’s investments in subsidiaries in non-euro currencies, as well as any foreign currency transactions.

• Equity risk is the sensitivity of the value of positions opened in equities to adverse movements in the market prices or in expectations of future dividends. Among other instruments, this affects positions in shares, stock market indices, convertible bonds and derivatives using shares as the underlying asset (put, call, and equity swaps).

• Credit spread risk is the risk or sensitivity of the value of positions opened in fixed income securities or in credit derivatives to movements in credit spread curves or in recovery rates associated with issuers and specific types of debt. Spread is the difference between financial instruments that quote with a margin over other benchmark instruments, mainly the IRR of Government bonds and interbank interest rates.

• Commodities price risk is the risk derived from the effect of potential changes in prices. The Group’s exposure to this risk is not significant and is concentrated in derivative operations on commodities with clients.

• Volatility risk is the risk or sensitivity of the value of a portfolio to changes in the volatility of risk factors: interest rates, exchange rates, shares, credit spreads and commodities. This risk is incurred by all financial instruments whose valuation model has volatility as a variable. The most significant case are financial options portfolios.

All these market risks can be partly or fully mitigated by using options, futures, forwards and swaps.

There are other types of market risk, whose coverage is more complex. They are as follows:

• Correlation risk. Correlation risk is the sensitivity of the portfolio to changes in the relationship between risk factors (correlation), either of the same type (for example, two exchange rates) or different types (for example, an interest rate and the price of a commodity).

• Market liquidity risk. Risk when a Group entity or the Group as a whole cannot reverse or close a position in time without having an impact on the market price or the cost of the transaction. Market liquidity risk can be caused by the reduction in the number of market makers or institutional investors, the execution of a large volume of transactions, or the instability of the markets. It increases as a result of the concentration of certain products and currencies.

• Prepayment or cancellation risk. When the contractual relationship in certain transactions explicitly or implicitly permits the possibility of early cancellation without negotiation before maturity, there is a risk that the cash flows may have to be reinvested at a potentially lower interest rate. It affects mainly mortgage loans or mortgage securities.

• Underwriting risk. This occurs as a result of an entity’s participation in underwriting a placement of securities or another type of debt, assuming the risk of partially owning the issue or the loan due to non-placement of all of it among potential buyers.

Pension and actuarial risks, which are described later on, also depend on shifts in market factors.

On the basis of the finality of the risk, activities are segmented in the following way:

a) Trading: financial services to customers and purchase-sale and positioning mainly in fixed-income, equity and currency products. The SGCB (Santander Global Corporate Banking) division is mainly responsible for managing it.

b) Structural risks: we distinguish between balance sheet risks and pension and actuarial risks:

b.1) Structural balance sheet risks: market risks inherent in the balance sheet excluding the trading portfolio. Management decisions on these risks are taken by the ALCO committees of each country in coordination with the Group’s ALCO committee and are executed by the financial management division. This management seeks to inject stability and recurrence into the financial margin of commercial activity and to the Group’s economic value, maintaining adequate levels of liquidity and solvency. The risks are:

• Structural interest rate risk: this arises from mismatches in the maturities and repricing of all assets and liabilities.

• Structural exchange rate risk/hedging: Exchange rate risk occurs when the currency in which the investment is made is different from the euro in companies that consolidate and those that do not (structural exchange rate). In addition, this item also includes positions of exchange rate hedging of future results generated in currencies other than the euro (hedging of results).

• Structural equity risk: this involves investments via stakes in financial or non-financial companies that are not consolidated, as well as portfolios available for sale formed by equity positions.

b.2) Pension and actuarial risk

• Pension risk: the risk assumed by the Bank in relation to the pension commitments with its employees. The risk lies in the possibility that the fund does not cover these commitments in the period of accrual of the provision and the profitability obtained by the portfolio is not sufficient and obliges the Group to increase the level of contributions.

• Actuarial risk: unexpected losses produced as a result of an increase in the commitments with the insurance takers, as well as losses from an unforeseen rise in costs.

232

Risk profile > Trading market risk and structural risks

2015 ANNUAL REPORT5. Risk management report

D.2.2. Trading market risk

D.2.2.1. Key figures and change over timeGrupo Santander’s trading risk profile remained relatively low in 2015, in line with previous years, due to the fact that traditionally the Group's activity has been focused on providing services to its customers, with limited exposure to complex structured products and diversification by geographic area and risk factor.

D.2.2.1.1. VaR analysis18

During the 2015 year, Grupo Santander maintained its strategy of concentrating its trading activity on customer business, minimising where possible exposures of directional risk opened in net terms. This was seen in the VaR evolution of the SGCB trading portfolio, which was around the average of the last three years and ended 2015 at EUR 13.6 million29.

MIN (8.2)

JAN

20

13

MA

R 2

013

MA

Y 20

13

JUL

2013

SEP

2013

NO

V 2

013

JAN

20

14

MA

R 2

014

MA

Y 20

14

JUL

2014

SEP

2014

NO

V 2

014

JAN

20

15

MA

R 2

015

MA

Y 20

15

JUL

2015

SEP

2015

NO

V 2

015

DEC

20

15

35

30

25

20

15

10

5

VaR 2013-2015: change over timeMillion euros. VaR at a 99% over a one day horizon.

— VaR— 15-day moving average — 3-year average VaR

MAX (31.0)

VaR during 2015 fluctuated between EUR 10.3 million and EUR 31 million. The most significant changes were related to changes in exchange rate and interest rate exposure and also market volatility.

The average VaR in 2015 was EUR 15.6 million, very similar to the two previous years (EUR 16.9 million in 2014 and EUR 17.4 million in 2013).

The following chart shows a frequency histogram of risk measured in terms of VaR between 2013 and 2015. The accumulation of days with levels of between EUR 9.5 and 23 million (96%) is shown. Values of higher than EUR 23 million (3.2%) largely occur in periods mainly affected by temporary spikes in volatility mainly in the Brazilian real against the dollar and also interest rates during the Greek bail-out period.

VaR risk histogramVaR at a 99% over a one day horizon. Number of days (%) in each range.

Num

ber o

f day

s (%

)

<9.5

0.8%

11

2.6%

12.5

10.0%

14

11.5%

15.5

16.3%

17

14.7%

18.5

12.5%

20

15.1%21

.5

8.4%

23

5.0%

> 23

3.2%

VaR in million euros

18. Value at Risk. The VaR definition and calculation methodology is in section D.2.2.2.1. Value at Risk (VaR)

19. Regarding trading activity in financial markets of SGCB (Santander Global Corporate Banking). As well as the trading activity of SGCB, there are other positions catalogued for accounting purposes. The total VaR of trading of this accounting perimeter was EUR 14.5 million.

233



Risk per factor The following table displays the average and latest VaR values at 99% by risk factor over the last three years, and the lowest and highest values in 2015 and the Expected Shortfall (ES) at 97.5%20 at the close of 2015:

VaR statistics and Expected Shortfall by risk factor 21, 22 Million euros, VaR at 99% and ES at 97.5% with one day time horizon.

Total

2015 2014 2013

VaR (99%)ES

(97.5%)

Latest

VaR VaR

Minimum Average Maximum Latest Average Latest Average Latest

10.3 15.6 31.0 13.6 14.0 16.9 10.5 17.4 13.1

Diversification effect (5.0) (11.1) (21.3) (5.8) (5.7) (13.0) (9.3) (16.2) (12.3)

trad

ing

Interest rate 9.7 14.9 28.3 12.7 12.7 14.2 10.5 12.7 8.5

Equities 1.0 1.9 3.8 1.1 1.1 2.7 1.8 5.6 4.7

aTo

tl

Exchange rates 1.6 4.5 15.2 2.6 2.4 3.5 2.9 5.4 4.7

Credit spread 1.9 5.2 13.7 2.9 3.4 9.3 4.6 9.6 7.2

Commodities 0.0 0.2 0.6 0.1 0.1 0.3 0.1 0.3 0.3

Total 7.4 11.6 24.8 11.1 11.2 12.2 7.3 13.9 9.9


Euro

pe

Interest rate 6.1 10.6 25.1 10.9 10.7 8.9 6.2 9.3 6.6

Equities 0.8 1.4 2.9 1.0 1.0 1.7 1.0 4.3 2.6

Exchange rates 0.7 3.3 10.7 1.9 1.8 2.9 1.5 5.2 3.7

Credit spread 1.6 4.4 11.5 2.8 3.4 7.6 3.9 9.0 5.8

Commodities 0.0 0.2 0.6 0.1 0.1 0.3 0.1 0.3 0.3

Total 5.4 10.6 27.4 9.7 6.7 12.3 9.8 11.1 6.9

eric

a


n A

m Interest rate 5.7 10.7 27.2 9.3 6.4 11.8 9.8 9.6 5.9

Equities 0.5 1.5 3.2 0.5 0.6 2.1 3.0 3.2 2.9

Lati

Exchange rates 0.7 3.2 8.2 4.3 1.3 2.0 9.2 3.5 4.7

Total 0.3 0.9 2.0 0.9 0.8 0.7 0.7 0.8 0.5

d si

a


S n

AU

a

Interest rate 0.2 0.8 1.6 0.8 0.8 0.7 0.7 0.7 0.5

Equities 0.0 0.1 1.8 0.0 0.0 0,1 0.0 0.1 0.0

Exchange rates 0.2 0.4 1.1 0.4 0.3 0.3 0.2 0.4 0.2

Total 0.3 1.6 3.0 0.4 0.3 2.3 1.9 1.5 2.0

tivi

ties

Diversification effect 0.1 (0.6) (2.7) (0.2) (0.1) (0.6) (0.6) (0.3) (0.5)

al a

c Interest rate 0.0 0.5 3.0 0.1 0.0 0.6 0.4 0.3 0.4

Credit spread 0.3 1.6 2.8 0.4 0.0 2.2 1.9 1.5 2.1

Glo

b

Exchange rates 0.0 0.0 0.2 0.0 0.3 0.0 0.2 0.1 0.0

20. These types of measures are outlined in section D.2.2.2.2. Stressed VaR (sVaR) and Expected Shortfall (ES). Following the recommendation of the BCBS in its Fundamental review of the trading book: a revised market risk framework (October 2013), the confidence level of 97.5% means approximately a risk level similar to that which the VaR captures with a 99% confidence level.

21. The VaR of global activities includes operations that are not assigned to any particular country.

22. In Latin America, United States and Asia, the VaR levels of the credit spread and commodity factors are not shown separately because of their scant or zero materiality.

234



At the end of 2015, VaR had increased by EUR 3 million against 2014, although average VaR was down by EUR 1.4 million. By risk factor, the average VaR increased in interest rates and in exchange rates, while it fell in equities and credit spread. By geographies, it slightly increased in the United States/Asia, while it was down in the other geographies.

The VaR evolution by risk factor in general was stable in the last few years. The transitory rises in VaR of various factors is explained more by transitory increases in the volatility of market prices than by significant changes in positions.

25

20

15

10

5

0

— VaR interest rate— VaR equities — VaR exchange rate

— VaR credit spread — VaR commodities

Jan

2013

Mar

20

13

May

20

13

Jul 2

013

Sep

2013

Nov

20

13

Jan

2014

Mar

20

14

May

20

14

Jul 2

014

Sep

2014

Nov

20

14

Jan

2015

Mar

20

15

May

20

15

Jul 2

015

Sep

2015

Nov

20

15

Dec

20

15

VaR by risk factor: change over timeMillion euros. VaR at a 99% with one day time horizon (15 day moving average).

Lastly, the table below compares the VaR figures with stressed VaR25 figures for trading activity of the two portfolios with highest average VaR in 2015.

Stressed VaR vs. VaR in 2015: main portfoliosMillion euros. Stresses VaR and VaR at 99% with one-day time horizon.

Min Average Max Latest

VaR (99%) 4.0 8.9 15.9 8.8Spain-G10

Stressed VaR (99%) 11.4 19.4 26.8 13.5

VaR (99%) 4.5 9.5 25.6 9.4Brazil

Stressed VaR (99%) 8.1 16.6 39.9 14.2

D.2.2.1.2. Gauging and backtesting measuresThe real losses can differ from the forecasts by the VaR for various reasons related to the limitations of this metric, which are set out in detail later in the section on the methodologies. The Group regularly analyses and contrasts the accuracy of the VaR calculation model in order to confirm its reliability.

The most important test consists of backtesting exercises, analysed at the local and global levels and in all cases with the same methodology. Backtesting consists of comparing the forecast VaR measurements, with a certain level of confidence and time frame, with the real results of losses obtained in a same time frame. This can detect anomalies in the VaR model of the portfolio in question to be detected (for example, shortcomings in the parameterisation of the valuation models of certain instruments, not very adequate proxies, etc).

Santander calculates and evaluates three types of backtesting:

• 'Clean' backtesting: the daily VaR is compared with the results obtained without taking into account the intraday results or the changes in the portfolio’s positions. This method contrasts the effectiveness of the individual models used to assess and measure the risks of the different positions.

• Backtesting on complete results: the daily VaR is compared with the day’s net results, including the results of the intraday operations and those generated by commissions.

• Backtesting on complete results without mark-ups or fees: the daily VaR is compared with the day’s net results from intraday operations but excluding those generated by mark-ups and commissions. This method aims to give an idea of the intraday risk assumed by the Group’s treasuries.

For the first case and for the total portfolio, there were four exceptions of Value at Earnings (VaE)24 at 99% in 2015 (days on which daily profit was higher than VaE) on 15 January, 23 January, 19 May and 3 December. These were primarily caused by strong shifts in the euro’s exchange rates against the Swiss franc and the pound, and of the euro and dollar against the Brazilian real. The high VaE levels at the end of the year were due to the depreciation of the Argentinian peso after exchange restrictions in the country were lifted.

There was also an exception of VaR at 99% (days on which the daily loss was higher than the VaR) on 24 September, caused mainly, as in the above cases, by high volatility in exchange rates, in this case of the euro and dollar against the Brazilian real.

The number of exceptions responded to the expected performance of the VaR calculation model, which works with a confidence level of 99% and an analysis period of one year (over a longer period of time, an average of two or three exceptions a year is expected).

23. Described in section D.2.2.2.2. Stressed VaR (sVaR) and Expected Shortfall (ES).

24. The VaE definition and calculation methodology is in section D.2.2.2.1. Value at Risk (VaR).

235



2 Ja

n 20

13

19 F

eb 2

013

8 A

pr 2

013

26 M

ay 2

013

13 Ju

l 20

13

30 A

ug 2

013

17 O

ct 2

013

4 D

ec 2

013

21 Ja

n 20

14

10 M

ar 2

014

27 A

pr 2

014

14 Ju

n 20

14

1 aU

G 2

014

18 S

ep 2

014

5 N

ov 2

014

23 D

ec 2

014

9 Fe

b 20

15

29 M

ar 2

015

19 M

ay 2

015

3 Ju

l 20

15

20 A

ug 2

015

7 O

ct 2

015

24 N

ov 2

015

31 D

ec 2

015

60

45

30

15

0

-15

-30

-45

Backtesting of trading portfolios: daily results vs. previous day’s VaR Million euros

— Clean P&L

— VaE 99%

— VaE 95%

— VaR 99%

— VaR 95%

D.2.2.1.3. Distribution of risks and management results25

Geographic distributionIn trading activity, the average contribution of Latin America to the Group’s total VaR in 2015 was 45.1% compared with a contribution of 39.7% in economic results. Europe, with 53.6% of global risk, contributed 54% of results. In relation to prior years, there was a gradual homogenisation in the profile of activity in the Group’s different units, focused generally on providing service to professional and institutional clients.

Below is the geographic contribution (by percentage) to the Group total, both in risks, measured in VaR terms, as well as in results, measured in economic terms.

70%

60%

50%

40%

30%

20%

10%

0%

Binomial VaR - Management results: Geographic distributionAverage VaR (at 99% with a 1 day time horizon) and Annual cumulative management P&L (EUR mn), % of annual totals.

Latin America

Ann

ual

man

agem

ent

P&L

Ann

ual

man

agem

ent

P&L

Ann

ual

man

agem

ent

P&L

Ann

ual

man

agem

ent

P&L

Ave

rage

an

nual

VaR

Ave

rage

an

nual

VaR

Ave

rage

an

nual

VaR

Ave

rage

an

nual

VaR

2013

2013

2013

2013

2013

2013

2013

2013

2014

2014

2014

2014

2014

2014

2014

2014

2015

2015

2015

2015

2015

2015

2015

2015

Europe US and Asia Global Activities

Annual management P&L

2013 2014 2015

Average annual VaR

2013 2014 2015

25. Results in terms similar to Gross Margin (excluding operating costs, the financial would be the only cost).

236



Distribution of risk by timeThe following chart shows the risk assumption profile, in terms of VaR, compared to results in 2015. The average VaR remained relatively stable, albeit with higher values in the second quarter, while results evolved in a more regular way during the first half of the year, and were lower in the second half.

January February March April May June July August September October November December

15%

10%

5%

0%

Temporary distribution of risks and P/L in 2015: percentages of annual totalsVaR (at 99% with a 1 day time horizon) and annual cumulative management P&L (EUR mn), % of annual totals.

Monthly management P&L Monthly average VaR

The following frequency histogram shows the distribution of daily economic results on the basis of their size between 2013 and 2015. It shows that on over 97.4% of days on which the markets were open daily returns28 were in a range of between -EUR 15 and +15 million.

2.4

16.2

27.9

9.2

5.0

1.0 1.0

36.7

<-20

.0

-15.

0

-10

.0

-5.0

0.0 5.0

10.0

15.0

20.0

> 20

.0

Num

ber o

f day

s (%

)

Daily (MtM) management P&L frequency histogram Daily management P&L ‘clean’ of fees and intraday operations (EUR mn). Number of days (%) in each range.

0.1 0.4

26. Yields ‘clean’ of fees and results of intraday derivative operations.

237



D.2.2.1.4. Risk management of derivativesDerivatives activity is mainly focused on marketing investment products and hedging risks for clients. Management is focused on ensuring that the net risk opened is the lowest possible.

These transactions include options on equities, fixed-income and exchange rates. The units where this activity mainly takes place are: Spain, Santander UK, and, to a lesser extent, Brazil and Mexico.

The chart below shows the VaR Vega27 performance of structured derivatives business over the last three years. It fluctuated at around an average of EUR 6 million. In general, the periods with higher

VaR levels related to episodes of significant rises in volatility in the markets. The evolution of VaR Vega in the second quarter of 2013 was the result of the increased volatility of euro and US dollar interest rate curves, coinciding with a strategy of hedging client operations of significant amounts.

Although in 2015, VaR Vega was similar to the previous year in the first quarter of the year, in the two next quarters it was affected by high market volatility due to events such as Greece’s bail-out, high stock market volatility in China or Brazil’s currency depreciation and rating downgrade, as well as the BRL’s strong depreciation against the euro and the dollar.

24

22

20

18

16

14

12

10

8

6

4

2

— VaR Vega— 15-day moving average

Change in risk over time (VaR) of the derivatives businessMillion euros. VaR vega at a 99% over a one day horizon.

Jan

2013

Mar

20

13

May

20

13

Jul 2

013

Sep

2013

Nov

20

13

Jan

2014

Mar

20

14

May

20

14

Jul 2

014

Sep

2014

Nov

20

14

Jan

2015

Mar

20

15

May

20

15

Jul 2

015

Sep

2015

Nov

20

15

Dec

20

15As regards the VaR by risk factor, on average, the exposure was concentrated, in this order, in interest rates, equities, exchange rates and commodities. This is shown in the table below:

Financial derivatives. Risk (VaR) by risk factorMillion euros. VaR at a 99% over a one day horizon.

2015 2014 2013


Total VaR Vega 2.6 6.8 12.8 7.0 3.3 2.7 8.0 4.5

Diversification effect (0.0) (2.3) (3.9) (1.7) (2.1) (2.6) (3.8) (2.7)

VaR Interest rate 1.7 6.5 12.6 7.3 2.4 1.7 6.6 4.1

VaR equities 0.7 1.5 2.4 0.8 1.8 2.0 3.4 1.8

VaR exchange rate 0.4 1.1 2.1 0.6 1.2 1.6 1.7 1.3

VaR commodities 0.0 0.1 0.4 0.0 0.0 0.1 0.1 0.1

27. Vega, a Greek term, means here the sensitivity of the value of a portfolio to changes in the price of market volatility.

238



Exposure by business unit was concentrated in Spain, Santander UK, Mexico and Brazil (in that order).

Financial derivatives. Risk (VaR) by unitMillion euros. VaR at a 99% over a one day horizon.

2015 2014 2013


Total VaR Vega 2.6 6.8 12.8 7.0 3.3 2.7 8.0 4.5

Spain 1.3 6.6 12.6 6.9 2.4 1.5 7.0 3.8

Santander UK 0.6 0.9 1.3 0.9 1.4 0.9 2.2 1.6

Brazil 0.3 0.7 1.5 0.4 0.8 0.7 1.2 0.9

Mexico 0.2 0.8 1.8 0.3 0.9 1.3 1.2 1.2

The average risk in 2015 (EUR 6.8 million) is slightly lower compared to 2013 and higher than in 2014, for the reasons explained above.

Grupo Santander continues to have a very limited exposure to instruments or complex structured vehicles, reflecting a management culture one of whose hallmarks is prudence in risk management. At the end of 2015, the Group had:

• Hedge funds: the total exposure is not significant (EUR 219.8 million at close of December 2015) and most of it is indirect, largely acting as counterparty in derivatives transactions, and also in financing transactions for those funds. This exposure has low loan-to-value levels of around 16.7% (collateral of EUR 1,225.1 million at the close of December). The risk with this type of counterparty is analysed case by case, establishing percentages of collateralisation on the basis of the features and assets of each fund.

• Monolines: Santander’s exposure to bond insurance companies (monolines) was, EUR 137.9 million as of December 2015 , mainly indirect exposure, EUR 136.1 million28 by virtue of the guarantee provided by this type of entity to various financing or traditional securitisation operations. The exposure in this case is to double default, with the primary underlying assets are of high credit quality. The small remaining amount is direct exposure (for example, via purchase of protection from the risk of non- payment by any of these insurance companies through a credit default swap). Exposure was virtually unchanged vs. 2014.

In short, the exposure to this type of instrument, as the result of the Group’s usual operations, continued to decline in 2015. This was mainly due to the integration of positions of institutions acquired by the Group, as Sovereign in 2009. All these positions were known at the time of purchase, having been duly provisioned. These positions, since their integration in the Group, have been notably reduced, with the ultimate goal of eliminating them from the balance sheet.

Santander’s policy for approving new transactions related to these products remains very prudent and conservative. It is subject to strict supervision by the Group’s senior management. Before approving a new transaction, product or underlying asset, the risks division verifies:

• The existence of an appropriate valuation model to monitor the value of each exposure: Mark-to-Market, Mark-to-Model or Mark-to-Liquidity.

• The availability in the market of observable data (inputs) needed to be able to apply this valuation model.

And provided these two points are always met:

• The availability of appropriate systems, duly adapted to calculate and monitor every day the results, positions and risks of new operations.

• The degree of liquidity of the product or underlying asset, in order to make possible their coverage when deemed appropriate.

D.2.2.1.5. Issuer risk in trading portfoliosTrading activity in credit risk is mainly conducted in the Treasury Units in Spain. It is done by taking positions in bonds and credit default swaps (CDS) at different maturities on corporate and financial references, as well as indexes (Itraxx, CDX).

The accompanying table shows the major positions at year-end in Spain, distinguishing between long (purchases of bonds and sales of CDS protection) and short (sales of bonds and purchases of CDS protection) positions.

28. Collateral provided by monoline in bonds issued by US states (Municipal Bonds), which amounted to EUR 19.1 million at December 2015, are not considered to be exposure.

239



Million euros. Data at 31 December 2015

Largest ‘long’ positions (sale of protection)

Largest ‘short’ positions (purchase of protection)

Exposure at default (EAD) % total EAD

Exposure at default (EAD) % total EAD

1st reference 131 5.09% (32) 4.30%

2nd reference 124 4.82% (25) 3.36%

3rd reference 59 2.29% (23) 3.09%

4th reference 56 2.10% (23) 3.09%

5th reference 51 1.98% (20) 2.68%

Sub-total top 5 419 16.29% (124) 16.64%

Total 2.572 100.00% (745) 100.00%

Note: zero recoveries are supposed (LCR=0) in the EaD calculation

D.2.2.1.6. Analysis of scenariosVarious stress scenarios were calculated and analysed regularly in 2015 (at least monthly) at the local and global levels for all the trading portfolios and using the same risk factor assumptions.

Maximum volatility scenario (worst case)This scenario is given particular attention as it combines historic movements of risk factors with an ad-hoc analysis in order to reject very unlikely combinations of variations (for example, sharp falls in stock markets together with a decline in volatility). A historic volatility equivalent to six standard deviations is

applied. The scenario is defined by taking for each risk factor the movement which represents the greatest potential loss in the portfolio, rejecting the most unlikely combinations in economic-financial terms. At year-end, that scenario implied, for the global portfolio, rising interest rates in Latin American markets and low interest rates in core markets, falls in stock markets, depreciation of all currencies against the euro, and widening credit spreads and volatility. The results for this scenario at 31 December 2015 are shown in the following table.

Stress scenario: Maximum volatility (worst case) Million euros. Data at 31 December 2015

Interest rates Equities Exchange rates Credit spread Commodities Total

Total Trading (130.1) (3.3) (10.4) (20.2) (0.1) (164.2)

Europe (119.7) (1.5) (0.3) (19.8) (0.1) (141.4)

Latin America (10.2) (1.8) (10.1) 0.0 0.0 (22.1)

US 0.0 0.0 0.0 0.0 0.0 0.0

Global Activities (0.3) 0.0 0.0 (0.4) 0.0 (0.7)

Asia 0.0 0.0 0.0 0.0 0.0 0.0

The stress test shows that the economic loss suffered by the Group in its trading portfolios, in terms of the mark to market (MtM) result, would be, if the stress movements defined in the scenario materialised in the market, EUR 164.2 million. This loss would be concentrated in Europe (in the following order: interest rates, credit spread and equities) and Latin America (in the following order: interest rates, exchange rates and equities).

Other global stress scenariosAbrupt crisis: an ad hoc scenario with sharp market movements. Rise in interest rate curves, sharp falls in stock markets, large appreciation of the dollar against other currencies, rise in volatility and in credit spreads.

11 September crisis: historic scenario of the 11 September 2001 attacks with a significant impact on the US and global markets. This is sub-divided into two scenarios: I) maximum accumulated loss until the worst moment of the crisis; and II) the maximum loss in a day. In both cases, there are drops in stock markets and in interest rates in core markets and rises in emerging markets, and the dollar appreciates against other currencies.

‘Subprime’ crisis: historic scenario of the US mortgage crisis. The objective of the analysis is to capture the impact on results of the reduction in liquidity in the markets. Two time horizons were used (one day and 10 days), in both cases there are falls in stock markets and in interest rates in core markets and rises in emerging markets, and the dollar appreciates against other currencies.

240



EBA adverse scenario: the scenario proposed by the European Banking Authority (EBA) in April 2014 as part of the EBA 2014 EU-Wide Stress Test. This involves an adverse scenario for European banks over a time horizon from 2014 to 2016. The scenario reflects the systemic risks considered the most serious threats to the stability of the European Union’s banking sector. These include: an increase in bond yields worldwide; incremental deterioration of credit quality in countries with weak demand; political reforms grinding to a halt, endangering the sustainability of public finances; and insufficient adjustments to balance sheets to maintain reasonable market finance.

This latter scenario replaced the sovereign debt crisis scenario in November 2014. This historic scenario identified four geographic zones (the US, Europe, Latin America and Asia) and included interest rate rises, falls in stock markets and volatilities, widening credit spreads, and depreciation of the euro and Latin American currencies, and appreciation of Asian currencies, against the dollar.

Every month a consolidated stress test report is drawn up with explanations of the main changes in results for the various scenarios and units. An early warning mechanism has also been established so that when the loss for a scenario is high in historic terms and/or in terms of the capital consumed by the portfolio in question, the relevant business executive is informed.

The results of these global scenarios for the last three years are shown in the following table:

2013 2014 2015200

100

0

-100

-200

-300

-400

-500

-600

Worst case

Abrupt crisis

Historic 11S I

Historic 11S II

Crisis 0708 1d

Crisis 07 08 10d

EBA Adverse

Stress test results. Comparison of the 2013-2015 scenarios (annual averages)Million euros

241



D.2.2.1.7. Linkage with balance sheet items. Other alternative risk measuresBelow are the balance sheet items in the Group’s consolidated position that are subject to market risk, distinguishing the positions whose main risk metric is VaR from those where monitoring is carried out with other metrics. The items subject to market trading risk are highlighted.

Relation of risk metrics with balances in group’s consolidated position Million euros. Data at 31 December 2015.

Balance sheet

amount

Main market risk metric

Main risk factor for ‘Other’ balanceVaR Other

Assets subject to market risk 1,340,260 198,357 1,141,903 Cash and deposits at central banks 81,329 - 81,329 Interest rateTrading portfolio 147,287 146,102 1,185 Interest rate, credit spreadOther financial assets at fair value 45,043 44,528 515 Interest rate, credit spreadAvailable-for-sale financial assets 122,036 - 122,036 Interest rate, equitiesInvestments 3,251 - 3,251 EquitiesHedging derivatives 7,727 7,727 - Interest rate, exchange rateLoans 835,992 - 835,992 Interest rateOther financial assets1 35,469 - 35,469 Interest rateOther non-financial assets2 62,126 - 62,126 Liabilities subject to market risk 1,340,260 168,582 1,171,678 Trading portfolio 105,218 104,888 330 Interest rate, credit spreadOther financial liabilities at fair value 54,768 54,757 11 Interest rate, credit spreadHedging derivatives 8,937 8,937 - Interest rate, exchange rateFinancial liabilities at amortised cost3 1,039,517 - 1,039,517 Interest rateProvisions 14,494 - 14,494 Interest rateOther financial liabilities 8,352 - 8,352 Interest rateEquity 98,753 - 98,753 Other non-financial liabilities 10,221 - 10,221

1. Includes adjustments to macro hedging, non-current assets held for sale, reinsurance assets, and insurance contracts linked to pensions and fiscal assets.

2. Includes intangible assets, material assets and other assets.

3. Macro-hedging adjustment.

For activity managed with metrics other than VaR, alternative measures are used, mainly: sensitivity to different risk factors (interest rate, credit spread, etc).

In the case of the trading portfolio, the securitisations and 'level III' exposures (those in which non-observable market data constitutes a significant input in the corresponding internal valuation models) are excluded from the VaR measurement.

Securitisations are mainly treated as if they were part of the credit risk portfolio (in terms of default, recovery rate, etc). For 'level III' exposures, which are not very significant in Grupo Santander (basically derivatives linked to the home price index —HPI— in market activity in Santander UK, and interest rate and correlation derivatives for share prices in the parent bank’s market activity), as well as in general for inputs that cannot be observed in the market (correlation, dividends, etc), a very conservative policy is followed: this is reflected in valuation adjustments as well as sensitivity.

D.2.2.2. Methodologies

D.2.2.2.1. Value at Risk (VaR)The standard methodology that Grupo Santander applies to trading activities is Value at Risk (VaR), which measures the maximum expected loss with a certain confidence level and time frame. The standard for historic simulation is a confidence level of 99% and a time frame of one day. Statistical adjustments are applied enabling the most recent developments affecting the levels of risk assumed to be incorporated efficiently and quickly. A time frame of two years or at least 520 days from the reference date of the VaR calculation is used. Two figures are calculated every day: one applying an exponential decay factor that accords less weight to the observations furthest away in time and another with the same weight for all observations. The higher of the two is reported as the VaR.

Value at Earnings (VaE) is also calculated. This measures the maximum potential gain with a certain level of confidence and time frame, applying the same methodology as for VaR.

242



VaR by historic simulation has many advantages as a risk metric (it sums up in a single number the market risk of a portfolio; it is based on market movements that really occurred without the need to make assumptions of functions forms or correlations between market factors, etc), but also has limitations.

Some limitations are intrinsic to the VaR metrics, regardless of the methodology used in their calculation, including:

• The VaR calculation is calibrated at a certain level of confidence, which does not indicate the levels of possible losses beyond it.

• There are some products in the portfolio with a liquidity horizon greater than that specified in the VaR model.

• VaR is a static analysis of the risk of the portfolio, and the situation could change significantly during the following day, although the likelihood of this occurring is very low.

Using the historic simulation methodology also has its limitations:

• High sensitivity to the historic window used.

• Inability to capture plausible events that would have significant impact, if these do not occur in the historic window used.

• The existence of valuation parameters with no market input (such as correlations, dividend and recovery rate).

• Slow adjustment to new volatilities and correlations, if the most recent data receives the same weight as the oldest data.

Some of these limitations are overcome by using Stressed VaR and Expected Shortfall, calculating VaR with exponential decay and applying conservative valuation adjustments. Furthermore, as previously stated, the Group regularly conducts analysis and backtesting of the accuracy of the VaR calculation model.

D.2.2.2.2. Stressed VaR (sVaR) and Expected Shortfall (ES)In addition to standard VaR, Stressed VaR is calculated daily for the main portfolios. The calculation methodology is the same as for VaR, with the two following exceptions:

• The historical observation period for the factors: when calculating Stressed VaR a window of 260 observations is used, rather than 520 for VaR. However, this is not the most recent data: rather, the data used is from a continuous period of stress for the portfolio in question. This is determined for each major portfolio by analysing the history of a subset of market risk factors selected based on expert judgement and the most significant positions in the books.

• Unlike VaR, Stressed VaR is obtained using the percentile with uniform weighting, not the higher of the percentiles with exponential and uniform weightings.

Moreover, the Expected Shortfall (ES) is also calculated, estimating the expected value of the potential loss when this is higher than that returned by VaR. Unlike VaR, ES has the advantages of capturing the risk of large losses with low probability (tail risk) and being a subadditive metric29. Going forward, in the near term the Basel Committee has recommended replacing VaR with Expected Shortfall as the baseline metric for calculating regulatory capital for trading portfolios30. The Committee considers that ES with a 97.5% confidence interval delivers a similar level of risk to VaR at a 99% confidence interval. Equal weights are applied to all observations when calculating ES.

D.2.2.2.3. Analysis of scenariosThe Group uses other metrics in addition to VaR, giving it greater control over the risks it faces in the markets where it is active. These measures include scenario analysis. This consists of defining alternative behaviours for various financial variables and obtaining the impact on results of applying these to activities. These scenarios may replicate events that occurred in the past (such as a crisis) or determine plausible alternatives that are unrelated to past events.

The potential impact on earnings of applying different stress scenarios is regularly calculated and analysed, particularly for trading portfolios, considering the same risk factor assumptions. Three scenarios are defined, as a minimum: plausible, severe and extreme. Taken together with VaR, these reveal a much more complete spectrum of the risk profile.

A number of trigger thresholds have also been established for global scenarios, based on their historical results and the capital associated with the portfolio in question. When these triggers are activated, the portfolio managers are notified so they can take appropriate action. The results of the global stress exercises, and any breaches of the trigger thresholds, are reviewed regularly, and reported to senior management, when this is considered appropriate.

D.2.2.2.4. Analysis of positions, sensitivities and resultsPositions are used to quantify the net volume of the market securities for the transactions in the portfolio, grouped by main risk factor, considering the delta value of any futures or options. All risk positions can be expressed in the base currency of the unit and the currency used for standardising information. Changes in positions are monitored on a daily basis to detect any incidents, so they can be corrected immediately.

Measurements of market risk sensitivity estimate the variation (sensitivity) of the market value of an instrument or portfolio to any change in a risk factor. The sensitivity of the value of an instrument to changes in market factors can be obtained using

29. According to the financial literature, subaddivity is a desirable property for a coherent risk metric. This property establishes that f(a+b) is less than or equal to f(a)+f(b). Intuitively, it assumes that the more instruments and risk factors there are in a portfolio, the lower the risks, because of the benefits of diversification. Whilst VaR only offers this property for some distributions, ES always does so.Fundamental review of the trading book: a revised market risk framework (Basel Committee consultation document on banking supervision, October 2013).

30. Fundamental review of the trading book: a revised market risk framework (Consultative document of the Basel Committee on banking supervision, October 2013).

243



analytical approximations by partial derivatives or by complete revaluation of the portfolio.

In addition, the statement of income is also drawn up every day, providing an excellent indicator of risk, enabling us to identify the impact of changes in financial variables on the portfolios.

D.2.2.2.5. Derivatives activities and credit managementAlso noteworthy is the control of derivative activities and credit management which, because of its atypical nature, is conducted daily with specific measures. First, the sensitivities to price movements of the underlying asset (delta and gamma), volatility (vega) and time (theta) are controlled. Second, measures such as the sensitivity to the spread, jump-to-default, concentrations of positions by level of rating, etc, are reviewed systematically.

With regard to the credit risk inherent to trading portfolios, and in line with the recommendations of the Basel Committee on Banking Supervision and prevailing regulations, a further metric is also calculated: the Incremental Risk Charge (IRC). This seeks to cover the risks of non-compliance and ratings migration that are not adequately captured in VaR, through changes in the corresponding credit spreads. This metric is basically applied to fixed-income bonds, both public and private, derivatives on bonds (forwards, options, etc.) and credit derivatives (credit default swaps, asset backed securities, etc.). IRC is calculated using direct measurements of loss distribution tails at an appropriate percentile (99.9%), over a one year horizon. The Monte Carlo methodology is used, applying one million simulations.

D.2.2.2.6. Credit Valuation Adjustment (CVA) and Debt Valuation Adjustment (DVA)Grupo Santander incorporates credit valuation adjustment (CVA) and debt valuation adjustment (DVA) when calculating the results of trading portfolios. The CVA is a valuation adjustment of over the-counter (OTC) derivatives, as a result of the risk associated with the credit exposure assumed by each counterparty.

The CVA is calculated by taking into account the potential exposure with each counterparty in each future maturity. The CVA for a particular counterparty is therefore the sum of the CVAs over all such future terms. The following inputs are used:

• Expected exposure: including, for each operation the current market value (MtM) as well as the potential future risk (add-on) to each maturity. CVA also considers mitigating factors such as collateral and netting agreements, together with a decay factor for derivatives with interim payments.

• Severity: the percentage of final loss assumed in case of credit/ non-payment of the counterparty.

• Probability of default: for cases in which there is no market information (spread curve traded through CDS, etc.), general proxies generated on the basis of companies with listed CDS of the same sector and external rating as the counterparty are used.

• Discount factor curve.

The Debt Valuation Adjustment (DVA) is a valuation adjustment similar to the CVA, but in this case as a result of Grupo Santander’s risk that counterparties assume in OTC derivatives.

D.2.2.3. System for controlling limitsSetting market risk and liquidity limits is designed as a dynamic process which responds to the Group’s risk appetite level (described in section B.3.1. Risk appetite and structure of limits). This process is part of an annual limits plan drawn up by the Group’s senior management, involving every Group entity.

The market risk limits used in Grupo Santander are established based on different metrics and try to cover all activity subject to market risk from many perspectives, applying a conservative approach. The main ones are:

• VaR limits.

• Limits of equivalent and/or nominal positions.

• Interest rate sensitivity limits

• Vega limits.

• Delivery risk limits for short positions in securities (fixed income and securities).

• Limits to constrain the volume of effective losses, and protect results generated during the period:

• Loss trigger.

• Stop loss.

• Credit limits:

• Total exposure limit.

• Jump to default by issuer limit.

• Others.

• Limits for origination transactions.

These general limits are complemented by other sub-limits to establish a sufficiently granular limits framework for effective control of the market risk factors to which the Group is exposed in its trading activities. Positions are monitored on a daily basis, at both the unit and global levels, with exhaustive control of changes to portfolios, so as to identify any incidents that might need immediate correction. Meanwhile, the daily drawing up of the income statement by the risks area is an excellent indicator of risks, as it allows the impact that changes in financial variables have had on portfolios to be identified.

244



Implementation of the Volcker Rule throughout the Group in July 2015 required activities to be reorganised to ensure compliance with this new regulation, the preparation of new metrics and the definition of limits at the desk level.

Three categories of limits were established based on the scope of approval and control: global approval and control limits, global approval limits with local control, and local approval and control limits. The limits are requested by the business executive of each country/entity, considering the particular nature of the business and so as to achieve the budget established, seeking consistency between the limits and the risk/return ratio. The limits are approved by the corresponding risk bodies.

Business units must comply with the approved limits at all times. In the event of a limit being exceeded, the local business executives have to explain, in writing and on the day, the reasons for the excess and the action plan to correct the situation, which in general might consist of reducing the position until it reaches the prevailing limits or setting out the strategy that justifies an increase in the limits.

If the business unit fails to respond to the excess within three days, the global business executives will be asked to set out the measures to be taken in order to make the adjustment to the existing limits. If this situation lasts for 10 days as of the first excess, senior risk management will be informed so that a decision can be taken: the risk takers could be made to reduce the levels of risk assumed.

D.2.3. Structural balance sheet risks31

D.2.3.1. Main figures and trendsThe market risk profile inherent in Grupo Santander’s balance sheet, in relation to its asset volumes and shareholders’ funds, as well as the budgeted financial margin, remained moderate in 2015, in line with previous years.

D.2.3.1.1. Structural interest rate riskEurope and the United StatesAgainst a backdrop of low interest rates, the main balance sheets in mature markets - the parent bank, the UK and the US - show positive economic value and net interest income sensitivities to interest rate rises.

Exposure levels in all countries are moderate in relation to the annual budget and equity levels.

At December 2015 , net interest income risk at one year, measured as sensitivity to parallel changes of ±100 basis points, was concentrated in the yield curve for the euro, at EUR 257 million, the Polish zloty, at EUR 83 million, and the US dollar, at EUR 78 million, all relating to risks of rate cuts.

Net interest income (NII) sensitivity32

% of total

Poland18.7%

US17.8%

United Kingdom4.5%

Other4.4%

Parent bank54.6%

Other: Portugal and SCF.

At the same date, the most relevant risk to the economic value of equity, measured as its sensitivity to parallel changes in the yield curve of ±100 basis points was in the euro interest rate curve, at EUR 3,897 million, for the risk of rate cuts. The amounts at risk for the dollar and sterling curves were EUR 691 million and EUR 488 million, respectively, also for rate cuts. These scenarios are extremely unlikely in practice at present.

Economic value of equity (EVE) sensitivity33

% of total

United Kingdom10.2%

Parent bank76.5%

Other2.1%US

11.2%

Other: Poland, Portugal and SCF.

The following tables set out the interest-rate risk of the balance sheets of the parent bank and Santander UK by maturity, at the end of 2015.

31. This includes the whole balance sheet with the exception of trading portfolios.

32. Sensitivity to the worst-case scenario between +100 and -100 basis points.


245



Parent bank: Interest rate repricing gap34

Million euros. 31 December 2015

Total 3 months 1 year 3 years 5 years >5 years Not sensitive

Assets 406,911 163,194 74,166 15,330 16,622 24,750 112,849

Liabilities 433,522 151,763 51,924 78,622 24,389 49,350 77,473

Off balance sheet 26,611 29,194 (1,607) 6,857 1,291 (9,124) 0

Net gap 0 40,626 20,635 (56,435) (6,477) (33,725) 35,376

Santander UK: Interest rate repricing gap35



Assets 354,986 189,895 35,303 67,239 26,452 13,757 22,340

Liabilities 353,850 203,616 31,591 29,027 19,161 33,939 36,516

Off balance sheet (1,137) (25,363) 1,736 14,713 (1,653) 9,430 0

Net gap 0 (39,083) 5,448 52,925 5,638 (10,752) (14,176)

In general, the gaps by maturities are kept at reasonable levels in relation to the size of the balance sheet.

Latin AmericaLatin American balance sheets are positioned for interest rate cuts for both economic value and net interest income, except for net interest income in Mexico, where excess liquidity is invested in the short term in the local currency.

In 2015, exposure levels in all countries were moderate in relation to the annual budget and capital levels.

At the end of the year, net interest income risk over one year, measured as sensitivity to parallel ± 100 basis point movements, was concentrated in three countries, Brazil (EUR 124 million), Mexico (EUR 37 million) and Chile (EUR 23 million), as shown in the chart below.

Net interest income (NII) sensitivity36

% of total

Other8.7%

Brazil61.7%

Chile11.2%

Mexico18.4%

Other: Argentina, Uruguay and Peru.

Risk to the value of equity over one year, measured as sensitivity to parallel ± 100 basis point movements, was also concentrated in Brazil (EUR 425 million), Mexico (EUR 180 million) and Chile (EUR 132 million).

Economic value of equity (EVE) sensitivity37

% of total

Other5.2%

Brazil54.6%

Chile17.0%

Mexico23.2%

Other: Argentina, Uruguay and Peru.

34. Aggregate gap for all currencies on the balance sheet of the parent bank unit, in euros.

35. Aggregate gap for all currencies on the balance sheet of the Santander UK unit, in euros.



246



The table below shows the interest-rate risk maturity structure of the Brazil balance sheet in December 2015.

Brazil: Interest rate repricing gap38



Assets 160,088 79,089 21,096 17,908 4,510 12,731 24,754

Liabilities 160,088 108,719 7,818 7,526 4,257 4,303 27,464

Off balance sheet 0 (20,886) 14,613 2,863 783 1,679 948

Net gap 0 (50,516) 27,890 13,246 1,036 10,106 (1,762)

Balance sheet structural interest rate VaRIn addition to sensitivities to interest rate movements (in which, assessments of ±100 bp movements are supplemented by assessments of ±25 bp, ±50 bp and ±75 bp movements to give a fuller understanding of risk in countries with very low rates), Santander also uses other methods to monitor structural balance sheet risk from interest rates: these include scenario analysis and VaR calculations, applying a similar methodology to that for trading portfolios.

The table below shows the average, minimum, maximum and year-end values of the VaR of structural interest rate risk over the last three years:

Balance sheet structural interest rate risk (VaR) Million euros. VaR at a 99% confidence interval over a one day horizon.

Minimum

2015

Average Maximum Latest

Structural interest rate VaR* 250.5 350.0 775.7 264.2

Diversification effect (90.8) (181.1) (310.7) (189.1)

Europe and US 171.2 275.2 777.0 210.8

Latin America 170.1 255.9 309.3 242.6

* Includes credit spread VaR on ALCO portfolios.

2014

Minimum Average Maximum Latest



Europe and US 412.9 523.0 704.9 412.9

Latin America 107.6 176.4 229.4 229.4


2013

Minimum Average Maximum Latest



Europe and US 607.7 792.5 922.0 670.0

Latin America 115.2 154.6 191.0 161.3


Structural interest rate risk measured in terms of VaR at a 99% confidence interval over a one year horizon averaged EUR 350 million in 2015. Of note is the wide diversification between the balance sheets in Europe and the United States on the one hand and those in Latin America on the other, as is the reduction in VaR in Europe and the USA.

D.2.3.1.2. Structural exchange-rate risk/Hedging of resultsStructural exchange rate risk arises from Group operations in currencies, mainly related to permanent financial investments, and the results and hedging of these investments.

This management is dynamic and seeks to limit the impact on the core capital ratio of movements in exchange rates39. In 2015, hedging levels of the core capital ratio for exchange rate risk were maintained at around 100%.

At the end of 2015, the largest exposures of permanent investments (with their potential impact on equity) were, in order, in pounds sterling, US dollars, Brazilian reais, Chilean pesos, Mexican pesos and Polish zlotys. The Group hedges some of these positions of a permanent nature with exchange-rate derivatives.

In addition, the Financial Management area is responsible for managing exchange-rate risk for the Group’s expected results and dividends in units where the base currency is not the euro.

D.2.3.1.3. Structural equity riskSantander maintains equity positions in its banking book in addition to those of the trading portfolio. These positions are maintained as available for sale portfolios (capital instruments) or as equity stakes, depending on their envisaged time in the portfolio.

The equity portfolio of the banking book at the end of 2015 was diversified in securities in various countries, mainly Spain, the USA, China, Brazil and the Netherlands. Most of the portfolio is invested in the financial and insurance sectors; other sectors, to a lesser extent, are professional, scientific and technical activities, public administrations (stake in Sareb), manufacturing industry, the transport sector and warehousing.

Structural equity positions are exposed to market risk. VaR is calculated for these positions using market price data series or proxies. At the end of December 2015, the VaR at 99% with a one day time frame was EUR 208.1 million (EUR 208.5 and EUR 235.3 million at the end of December 2014 and 2013, respectively).

38. Aggregate gap for all currencies on the balance sheet of the Brazil unit, in euros.

39. In early 2015, the criteria for coverage of the core capital ratio was changed from phase-in to fully loaded.

247



D.2.3.1.4. Structural VaRA standardised metric such as VaR can be used for monitoring total market risk for the banking book, excluding the trading activity of Santander Global Corporate Banking (the VaR for this activity is described in section D.2.2.1.1. VaR analysis) distinguishing between fixed income (considering both interest rates and credit spreads on ALCO portfolios), exchange rates and equities.

In general, structural VaR is not high in terms of the Group’s volume of assets or equity.

Structural VaRMillion euros. VaR at a 99% confidence interval over a one day horizon

2015 2014 2013


VaR estructural 561.6 698.5 883.5 710.2 718.6 809.8 857.6 733.9

Diversification effect (325.7) (509.3) (1.042.6) (419.2) (364.1) (426.1) (448.3) (380.2)

VaR Interest rate* 250.5 350.0 775.7 264.2 539.0 493.6 782.5 681.0

VaR exchange rate 428.7 634.7 908.6 657.1 315.3 533.8 254.5 197.8

VaR equities 208.1 223.2 241.8 208.1 228.4 208.5 269.0 235.3


D.2.3.2. Methodologies

D.2.3.2.1. Structural interest rate riskThe Group analyses the sensitivity of its net interest income and equity value to changes in interest rates. This sensitivity arises from gaps in maturity dates and the review of interest rates in the different asset and liability items.

The financial measures to adjust the positioning to that desired by the Group are agreed on the basis of the positioning of balance sheet interest rates, as well as the situation and outlook for the market. These measures range from taking positions in markets to defining the interest rate features of commercial products.

The metrics used by the Group to control interest rate risk in these activities are the repricing gap, the sensitivity of net interest income and of equity value to changes in interest rate levels, the duration of equity and Value at Risk (VaR), for the purposes of calculating economic capital.

Interest rate gap of assets and liabilitiesThis is the basic concept for identifying the entity's interest rate risk profile and measuring the difference between the volume of sensitive assets and liabilities on and off the balance sheet that

reprice (i.e. that mature or are subject to rate revisions) at certain times (buckets). This provides an immediate approximation of the sensitivity of the entity's balance sheet and its net interest income and equity value to changes in interest rates.

Net interest income (NII) sensitivityThis is a key measure of the profitability of balance sheet management. It is calculated as the difference in the net interest income resulting from a parallel movement in interest rates over a particular period. The standard period for measuring net interest income sensitivity is one year.

Economic value of equity (EVE) sensitivityThis measures the interest rate risk implicit in equity value - which for the purposes of interest rate risk is defined as the difference between the net current value of assets and the net current value of liabilities outstanding - based on the impact that a change in interest rates would have on these values.

Treatment of liabilities without defined maturityIn the corporate model, the total volume of the balances of accounts without maturity is divided between stable and unstable balances. This separation between stable and unstable balances is obtained from a model that is based on the relation between balances and their own moving averages.

248

2015 ANNUAL REPORT


From this simplified model, the monthly cash flows are obtained and used to calculate NII and EVE sensitivities.

This model requires a variety of inputs:

• Parameters inherent in the product.

• Performance parameters of the client (in this case analysis of historic data is combined with the expert business view)

• Market data

• Historic data of the portfolio.

Pre-payment treatment for certain assetsThe pre-payment issue mainly affects fixed-rate mortgages in units where the relevant interest rate curves for the balance sheet are at low levels. This risk is modelled in these units, and this can also be applied, with some modifications, to assets without defined maturity (credit card businesses and similar).

The usual techniques used to value options cannot be applied directly because of the complexity of the factors that determine borrower pre-payments. As a result, the models for assessing options must be combined with empirical statistical models that seek to capture pre-payment performance. Some of the factors conditioning this performance are:

• Interest rate: the differential between the fixed rate on the mortgage and the market rate at which it could be refinanced, net of cancellation and opening costs.

• Seasoning: pre-payment tends to be low at the start of the instruments life cycle (signing of the contract) and grow and stabilize as time passes.

• Seasonality: redemptions or early cancellations tend to take place at specific dates.

• Burnout: decreasing trend in the speed of pre-payment as the instrument’s maturity approaches, which includes:

a) Age: defines low rates of pre-payment.

b) Cash pooling, defines as more stable those loans that have already overcome various waves of interest rate falls. In other words, when a portfolio of loans has passed one or more cycles of downward rates and thus high levels of pre-payment, the 'surviving' loans have a significantly lower pre-payment probability.

c) Others: geographic mobility, demographic, social and available income factors, etc.

The series of econometric relations that seek to capture the impact of all these factors is the probability of pre-payment of a loan or pool of loans and is denominated the pre-payment model.

Value at Risk (VaR)For balance sheet activity and investment portfolios, this is defined as the 99% percentile of the distribution function of losses in equity value, calculated based on the current market value of positions and returns over the last two years, at a particular level of

statistical confidence over a certain time horizon. As with trading portfolios, a time frame of two years or at least 520 days from the reference date of the VaR calculation is used.

D.2.3.2.2. Structural exchange-rate risk/Hedging of resultsThese activities are monitored via position measurements, VaR and results, on a daily basis.

D.2.3.2.3. Structural equity riskThese activities are monitored via position measurements, VaR and results, on a monthly basis.

D.2.3.3. System for controlling limitsAs already stated for the market risk of trading, under the framework of the annual limits plan, limits are set for balance sheet structural risks, responding to Grupo Santander’s risk appetite level.

The main ones are:

• Balance sheet structural interest rate risk

• Limit on the sensitivity of net interest income to one year.

• Limit of the sensitivity of equity value.

• Structural exchange rate risk:

• Net position in each currency (for hedging positions of results).

In the event of exceeding one of these limits or their sub limits, the relevant risk management executives must explain the reasons and facilitate the measures to correct it.

D.2.4. Pension and actuarial risks

D.2.4.1. Pension riskWhen managing the pension fund risks of employees (defined benefit), the Group assumes the financial, market, credit and liquidity risks it incurs for the assets and investment of the fund, as well as the actuarial risks derived from the liabilities, and the responsibilities for pensions to its employees.

The Group’s objective in the sphere of controlling and managing pension risk focuses on identifying, measuring, monitoring, mitigating and communicating this risk. The Group’s priority is thus to identify and mitigate all the focuses of risk.

This is why the methodology used by Grupo Santander estimates every year the combined losses in assets and liabilities in a defined stress scenario from changes in interest rates, inflation, stocks markets and properties, as well as credit and operational risk.

Main figures The main figures for the pension funds of employees with defined contribution plans are set out in note 25 of the Group’s auditor’s report and annual consolidated financial statements, which report the details and movements of provisions for pensions, as well as the main hypotheses used to calculate the actuarial risk and the risk of the fund, including changes in the value of assets and liabilities and details of the investment portfolios assigned to them.

249

2015 ANNUAL REPORT


The investor profile of the aggregated portfolio of employees’ pension funds is medium-low risk, as around 65% of the total portfolio is invested in fixed-income assets, as set out in the following chart:

Other*8%

Fixed income65%

Monetary1%

Equities15%

Real estate11%

* Includes positions in hedge funds, private equity and derivatives

Figures as of 31 December 2015

D.2.4.2. Actuarial riskActuarial risk is produced by biometric changes in the life expectancy of those with life assurance, from the unexpected increase in the indemnity envisaged in non-life insurance and, in any case, from unexpected changes in the performance of insurance takers in the exercise of the options envisaged in the contracts.

The following are actuarial risks:

Risk of life liability: risk of loss in the value of life assurance liabilities caused by fluctuations in risk factors that affect these liabilities:

• Mortality/longevity risk: risk of loss from movements in the value of the liabilities deriving from changes in the estimation of the probability of death/survival of those insured.

• Morbidity risk: risk of the loss from movements in the value of the liabilities deriving from changes in estimating the probability of disability/incapacity of those insured.

• Redemption/fall risk: risk of loss from movements in the value of the liabilities as a result of the early cancellation of the contract, of changes in the exercise of the right of redemption by the insurance holders, as well as options of extraordinary contribution and/or suspending contributions.

• Risk of costs: risk of loss from changes in the value of the liabilities derived from negative variances in envisaged costs.

• Catastrophe risk: losses caused by catastrophic events that increase the entity’s life liability.

Risk of non-life liability: risk of loss from the change in the value of the non-life insurance liability caused by fluctuations in risk factors that affect these liabilities:

• Premium risk: loss derived from the insufficiency of premiums to cover the disasters that might occur.

• Reserve risk: loss derived from the insufficiency of reserves for disasters, already incurred but not settled, including costs from management of these disasters.

• Catastrophe risk: losses caused by catastrophic events that increase the entity’s non-life liability.

Main figures In the case of Grupo Santander, actuarial risk embraces the activity of the Group’s fully-owned subsidiaries, which are subject not only to risk of an actuarial nature, but whose activity is also impacted by the other financial, non-financial and transversal risks defined by the Group.

As of 31 December 2015, the volume of assets managed by the companies in Spain and Portugal that belong 100% to Grupo Santander amounted to EUR 25,956 million, of which EUR 21,444 million relates directly to commitments with insurance holders, as follows:

• EUR 14,663 million are commitments guaranteed (wholly or partly) by the companies themselves.

• EUR 6,781 million are commitments where the risks are assumed by the insurance holders.

250

Risk profile > Liquidity risk and funding5. Risk management report

2015 ANNUAL REPORT

D.3. Liquidity risk and funding

Structure of this section

Following an introduction to the concept of liquidity risk and funding in Grupo Santander [pag. 250], we present the liquidity management framework put in place by the Group, including monitoring and control of liquidity risk [pag. 250-254].

We then look at the funding strategy developed by the Group and its subsidiaries over the last few years [pag. 254-256], with particular attention to the evolution of liquidity in 2015. For the last year, we examine changes in the liquidity management ratios and the business and market trends that gave rise to these [pag. 256-260].

The section ends with a qualitative description of the prospects for funding for the next year for the Group and its main countries [pag. 260].

D.3.1. Introduction to the treatment of liquidity risk and funding

• Santander has developed a funding model based on autonomous subsidiaries responsible for covering their own liquidity needs.

• This structure makes it possible for Santander to take advantage of its solid retail banking business model in order to maintain comfortable liquidity positions at Group level and in its main units, even during stress in the markets.

• In the last few years, as a result of the economic and regulatory changes arising from the global economic and financial crisis, it has been necessary to adapt the funding strategies to new commercial business trends, market conditions and new regulatory requirements.

• In 2015, Santander continued to improve in specific aspects based on a very comfortable liquidity position at the level of the Group and in the subsidiaries, with no significant changes in liquidity management or funding policies or practices. All of this enables us to face 2016 from a good starting point, with no restrictions on growth.

Liquidity management and funding have always been basic elements in Banco Santander’s business strategy and a fundamental pillar, together with capital, in supporting its balance sheet strength.

The Group adopts a decentralised funding model, based on autonomous subsidiaries that are self-sufficient in their liquidity needs. Each subsidiary is responsible for covering the liquidity needs of its current and future activity, either through deposits captured from its customers in its area of influence or through recourse to the wholesale markets in which it operates, within a management and supervision framework coordinated at the Group level.

The funding structure has shown its great effectiveness in situations of high levels of market stress, as it prevents the difficulties of one area from affecting the funding capacity of other areas, and thus of the Group as a whole, as could happen in the case of a centralised funding model.

Moreover, at Grupo Santander this funding structure benefits from the advantages of a solid retail banking model with a significant presence in ten high potential markets, focused on retail clients and high efficiency. All of this gives our subsidiaries substantial capacity to attract stable deposits, as well as a strong issuance capacity in the wholesale markets of these countries, generally in their own currency, backed by the strength of their franchise and belonging to a leading group.

D.3.2. Liquidity management

Management of structural liquidity aims to fund the Group’s recurring activity in optimum conditions of maturity and cost, avoiding the assumption of undesired liquidity risks.

Santander’s liquidity management is based on the following principles:

• Decentralised liquidity model.

• Needs derived from medium- and long-term activity must be financed by medium- and long -term instruments.

• High contribution from customer deposits, derived from the retail nature of the balance sheet.

• Diversification of wholesale funding sources by instruments/investors, markets/currencies and terms.

• Limited recourse to wholesale short-term funding.

251


2015 ANNUAL REPORT

• Availability of sufficient liquidity reserves, including the discounting capacity in central banks to be used in adverse situations.

• Compliance with regulatory liquidity requirements required at Group and subsidiary level, as a new conditioning factor in management.

The effective application of these principles by all the institutions that comprise the Group required the development of a unique management framework built upon three essential pillars:

• A solid organisational and governance model that ensures the involvement of the senior management of subsidiaries in decision-taking and its integration into the Group’s global strategy.

• In-depth balance sheet analysis and measurement of liquidity risk, supporting decision-taking and its control.

• Management adapted in practice to the liquidity needs of each business.

D.3.2.1. Organisational model and governanceThe decision-making process for all structural risks, including liquidity and funding risk, is carried out by local asset and liability committees (ALCO) in coordination with the global ALCO.

The global ALCO is the body empowered by Banco Santander’s board to coordinate asset and liability management (ALM) throughout the Group, including liquidity and funding management, which is conducted via the local ALCOs and in accordance with the corporate ALM framework.

This body is chaired by the Bank’s executive chairman and comprises an executive vice-chairman (who is, in turn, chairman of the executive risk committee), the chief executive officer, the chief financial officer, the senior executive vice president for risk and other senior executives responsible for the business and analysis units who provide advice.

In line with these principles and the ALM corporate framework, the function of liquidity and funding management is supported by:

• The board of directors, as the highest body responsible for management of the Group.

• The local ALCO committees, which define at each moment the objective liquidity positioning and strategies to ensure and/or anticipate the funding needs of their business, always within the risk appetite set by the board and regulatory requirements.

• The global ALCO committee, which conducts the parent bank’s ALM management, as well as coordinating and monitoring the function in the Group’s other units.

• The Financial Management area, which manages on a day to day basis, conducting analysis, proposing strategies and carrying out the measures adopted within the positioning defined by the ALCOs.

• The Market Risk area, responsible for on-going monitoring and control of compliance with the limits established. This independent control function is completed a posteriori by regular reviews conducted by Internal Audit.

• All of this supported by an independent Operations area that guarantees the integrity and quality of the information used for managing and controlling liquidity.

Governance-Grupo Santander: liquidity and funding risk Decision making structure and functions

Finance DivisionAnalysisActive senior

management participationFinance Division

ProposalsBoard of directors Global and

Decision local ALCOs

ALCO globalFinance DivisionExecution

ALCO local ALCO localMonitoring and Market and structural

ALCO local control risks area

The Global ALCO is tasked by the board with coordinating the ALM function throughout the Group, including liquidity and funding management

252


2015 ANNUAL REPORT

This governance model has been strengthened over the last few years by being integrated into a more global vision of the Group’s risks: Santander’s risk appetite framework. This framework meets the demands of regulators and market players emanating from the financial crisis to strengthen banks’ risk management and control systems.

The liquidity risk profile and appetite aims to reflect the Group’s strategy for developing its businesses, which consists of structuring the balance sheet in the most resistant way possible to potential liquidity stress scenarios Liquidity appetite metrics have been put in place that reflect the application of the principles of the Group’s liquidity management model at the individual level, with specific levels for the structural funding ratio and minimum liquidity horizons under various stress scenarios, as indicated in the following sections.

In parallel, analysis is being carried out of a range of scenarios to consider the additional needs that might arise in the face of various events with very serious features, even if their probability of occurrence is very low. These could affect various balance sheet items and sources of funding in different ways (renewal of wholesale funding, outflows of deposits, impairment of liquid assets, etc), whether through conditions in global markets or specific to the Group.

Over the next few years, the metrics used in the liquidity risk appetite framework will be enhanced with the incorporation of those monitored and controlled by the financial management area at Group level and the main units, be they regulatory metrics or of any other type.

The new metrics used in 2015 were the Net Stable Funding Ratio (NSFR) and the Liquidity Coverage Ratio (LCR). The former measures the relationship between structural funding sources and needs, whilst the latter is a regulatory ratio that measures the strength of a bank in the face of a short-term (30 day) liquidity crisis, through its high-quality liquid assets.

D.3.2.2. Balance sheet analysis and measurement of liquidity riskDecision-making on liquidity and funding is based on a deep understanding of the Group’s current situation (environment, strategy, balance sheet and state of liquidity), of the future liquidity needs of the various units and businesses (projection of liquidity), as well as access to and the situation of funding sources in the wholesale markets.

The objective is to ensure the Group maintains optimum levels of liquidity to cover its short and long-term needs with stable funding sources, optimising the impact of its cost on the income statement.

This requires monitoring of the structure of balance sheets, forecasting short and medium-term liquidity and establishing the basic metrics.

1. Group strategy

5. Stressed funding markets

2. Current liquidity situation

3. Balance sheet and liquidity requirements projections

4. Balance sheet under stress

Liquidity analysis

Balance sheet analysis and measurement of liquidity risk

The inputs for drawing up the Group’s various contingency plans are obtained from the results of the analysis of balance sheets, forecasts and scenarios, which, in turn, enable a whole spectrum of potential adverse circumstances to be anticipated.

All these actions are in line with the practices being fostered by the Basel Committee and the various regulators (in the European Union, the European Banking Authority) to strengthen the liquidity of banks. Their objective is to define a framework of principles and metrics that, in some cases, are close to being implemented and, in others, still being developed.

The first ILAAP (Internal Liquidity Adequacy Assessment Process) was carried out in 2015. This comprises an internal self-assessment process of the adequacy of liquidity, which must be integrated into the Group’s other risk management and strategic processes. The ILAAP addresses both quantitative and qualitative aspects. All of the Group’s units have maintained robust liquidity levels, in both the baseline scenario and under potential stress scenarios. Although our supervisor (SSM) did not require us to undertake this exercise in 2015, it did use it as in input in the SREP (Supervisory Review and Evaluation Process) and for Pillar II requirements.

The content of the ILAAP largely shares the liquidity management structure we have been developing over recent years. It includes a qualitative block, which describes our business model, the organisation of our subsidiaries, the organisation of our liquidity management, the controls put in place, and governance and reporting to the governance bodies. The qualitative block analyses liquidity through metrics criteria and stress scenarios, at both the group and subsidiary level. The methodology used by the Group in this analysis over recent years is set out in the following sections.

Fuller details on the measures, metrics and analysis used by the Group and its subsidiaries to manage and control liquidity risk are set out below:

Methodology for monitoring and controlling liquidity risk. The Group’s liquidity risk metrics aim to:

• Achieve greater efficiency in measuring and controlling liquidity risk.

• Support financial management, with measures adapted to the form of managing the Group’s liquidity.

253


2015 ANNUAL REPORT

• Alignment with the regulatory requirements derived from the transposition of Basel III in the European Union, in order to avoid conflicts between limits and facilitate management.

• Serve as an early warning system, anticipating potential risk situations by monitoring certain indicators.

• Achieve the involvement of countries. The metrics are developed on the basis of common and homogeneous concepts that affect liquidity, but they require analysis and adaptation by each unit.

There are two types of basic metrics used to control liquidity risk: short term and structural. The first category basically includes the liquidity gap and the second one the balance sheet’s net structural position. As an additional element, the Group develops various stress scenarios. Further details of three of these metrics are as follows:

a) Liquidity gapThe liquidity gap provides information on the potential cash inflows and outflows, both contractual and estimated, over a certain period of time by applying certain hypotheses. The liquidity gap is drawn up for each of the main entities and each of the main currencies in which the Group operates.

In practice, and given the different performances of a particular item in the Group’s subsidiaries, there are common standards and methodologies to homogenize the construction of the liquidity risk profiles for each unit, so they can be presented in a comparable way to the Bank’s senior management.

As a result, and given that this analysis must be conducted at the individual level of each subsidiary for its autonomous management, a consolidated view of the Group’s liquidity gaps is of very limited use for managing and understanding liquidity risk. Of note in the various analyses made using the liquidity gap is that for wholesale funding. On the basis of this analysis, a metric has been defined to guarantee that sufficient liquid assets are maintained in order to attain a minimum liquidity horizon, under the assumption of non-renewal of wholesale funding at maturity.

The minimum liquidity horizons are determined in a corporate and homogeneous way for all units/countries, which must calculate their wholesale liquidity metric in the main currencies in which they operate.

Bearing in mind the market tensions in the last few years of global crisis, this wholesale liquidity gap has been closely monitored in the parent bank and in the euro zone units.

At the end of 2015, all units were in a comfortable position in the horizons established at the corporate level for this scenario.

b) Net structural positionThe objective of this metric is to determine the reasonableness of the funding structure of the balance sheet. The Group’s criterion is to ensure that the structural needs (lending, fixed assets, etc) are covered by an adequate combination of wholesale sources and a stable base of retail deposits, to which is added capital and other permanent liabilities.

Each unit draws up its liquidity balance sheet in accordance with the features of their businesses and compares them with the various funding sources they have. This determines the funding structure that must be met at all times with a key premise: basic businesses must be financed with stable funds and medium- and long-term funding. All of this guarantees the Bank’s sound financial structure and the sustainability of its business plans.

At the end of 2015, the Group had a structural liquidity surplus of more than EUR 149,000 million, equivalent to 14% of net liabilities (vs. 15% of net liabilities in 2014).

c) Analysis of scenariosAs an additional element to these metrics, the Group develops various stress scenarios. The main objective of these is to identify the critical aspects of potential crises and define the most appropriate management measures to tackle each of these situations.

Generally speaking, the units take into account three scenarios in their liquidity analysis: idiosyncratic, local systemic and global systemic. These scenarios are the minimum standard analysis established for all the Group’s units for reporting to senior management. Each of the units also develops ad hoc scenarios that replicate significant historic crises or specific liquidity risks in their environment.

• Idiosyncratic crisis: only affects the Bank but not its environment. This is basically reflected in wholesale funds and in retail deposits, with various percentages of outflows depending on the severity defined.

This category includes studying a specific crisis scenario affecting a local unit as a result of a crisis in the parent bank, Banco Santander. This scenario was particularly relevant in 2012 because of significant tension in the markets with regard to Spain and other countries on the periphery of the euro zone, a situation amply overcome since then.

• Local systemic crisis: an attack by the international financial markets on the country where the unit is located. Each unit would be affected to varying degrees, depending on its relative position in the local market and the image of soundness it transmits. The factors that would be affected in such a scenario include, for example, wholesale funding because of closure of markets, and liquid assets linked to the country, which would suffer significant falls in their value.

• Global systemic crisis: In this scenario some of the factors mentioned in the scenarios above are stressed, paying particular attention to the most sensitive aspects from the standpoint of the unit’s liquidity risk.

An additional combined scenario is also prepared for the parent. This considers extremely severe impacts on both solvency and liquidity, such as, for example, Banco Santander having to face reputational problems caused by mismanagement, powerfully impacting its ability to access liquidity in the market, and assuming these problems occur against a backdrop of a local (i.e. Spain) macroeconomic crisis, further penalising the assets available to the Bank to meet its needs. Consequently, the impacts on assets and liabilities are the result of the most severe combination of the idiosyncratic and local-systemic (Spain) scenarios.

254


2015 ANNUAL REPORT

Defining scenarios and calculating metrics under each of them is directly linked to the process of drawing up and executing the liquidity contingency plan, which is the responsibility of the financial management area.

At the end of 2015, and in a scenario of a potential systemic crisis affecting the wholesale funding of units in Spain (following the previously mentioned 2012 scenario), Grupo Santander maintained an adequate liquidity position. The wholesale liquidity metric horizon in Spain (included within the liquidity gap measures) showed levels higher than the minimums established, during which the liquidity reserve would cover all wholesale funding maturities, in the event of them not being renewed.

As well as these three metrics, several other internal and market variables were defined as early warning indicators of possible crises, revealing their nature and severity. Their integration into daily liquidity management enables anticipation of situations that could affect the Group’s liquidity risk. Although these alerts vary from country to country and from bank to bank on the basis of specific determinants, some of the parameters used are common to the Group, such as Banco Santander’s CDS level, the evolution of customer deposits and trends in official central bank interest rates.

D.3.2.3. Management adapted to business needsAs already pointed out, Grupo Santander’s liquidity management is carried out at the level of subsidiaries and/or business units in order to finance their recurring activities at appropriate prices and maturities. The main balance sheet items related to the Group’s business and funding its major business units are as follows:

Main units and balance sheet itemsBillion euros. December 2015

Total assets

Net loans Deposits

M/LT funding

Spain 327 155 175 57

Portugal 50 28 29 5

Santander Consumer Finance 89 74 33 18

Poland 29 19 21 0

UK 383 283 232 70

Brazil 139 60 57 20

Mexico 65 30 28 2

Chile 46 32 24 7

Argentina 11 6 8 0

US 131 84 60 37

Group Total 1,340 787 678 217

*

**

***

Customer loans excluding loan-loss provisions.

Including retail commercial paper in Spain.

M/LT issues in markets, securitisations and other collateralised funding in the market and funds taken from FHLB lines. All in their nominal value.

In practice, and in line with the funding principles set out, liquidity management in these units consists of:

• Drawing up a liquidity plan every year, based on the funding needs derived from the budgets of each business and the methodology already described. On the basis of these liquidity needs and taking into account prudent limits on recourse to short-term markets, the Financial Management area establishes an issuance and securitisation plan for the year for each subsidiary/global business.

• Monitoring, throughout the year, the evolution of the balance sheet and of the funding needs of the subsidiaries/businesses that gives rise to updating the plan.

• Monitoring and managing compliance by units with regulatory ratios, as well as overseeing the level of asset encumbrance in each unit’s funding, from both the structural standpoint and the component with the shortest maturity.

• Maintaining an active presence in a large number of wholesale funding markets that enables an appropriate structure of issues to be sustained, diversified by products and with a conservative average maturity.

The effectiveness of this management at Group level is based on implementation in all subsidiaries. Each subsidiary budgets its liquidity needs based on their intermediation activity and assesses its capacity to access wholesale markets in order to establish an issuance and securitisation plan, in coordination with the Group.

Traditionally, the Group’s main subsidiaries have been self-sufficient as regards their structural financing. The exception is Santander Consumer Finance (SCF) which needs the support of other Group units, particularly that of Banco Santander, S.A., given its nature as a consumer finance specialist operating mainly via dealers.

This support –always at market prices based on maturity and the internal rating of the borrowing unit– has been on a sustained downward trend and currently relates almost entirely to the needs of new portfolios and business units incorporated in the context of the agreement with Banque PSA Finance. In 2016, this requirement for greater financial support from the Group will continue, as there are no more units to incorporate. Over the medium term, the development of wholesale funding capacity in the new units, as required by the Santander model, will enable this support to be reduced.

D.3.3. Funding strategy and evolution of liquidity in 2015

D.3.3.1. Funding strategySantander’s funding activity over the last few years has focused on extending its management model to all Group subsidiaries, including new incorporations, and, in particular, adapting the strategies of the subsidiaries to the increasingly demanding requirements of both markets and regulators. These requirements have not been the same for all markets and reached much higher levels of difficulty and pressure in some areas, such as on the periphery of Europe.

255


2015 ANNUAL REPORT

It is possible, however, to extract a series of general trends implemented by Santander’s subsidiaries in their funding and liquidity management strategies since the beginning of the crisis. These are the following:

• Maintaining adequate and stable medium and long-term wholesale funding levels at the Group level. This funding represented 21% of the liquidity balance at the end of 2015, similar to the level over recent years, but well below the 28% at the end of 2008, when wholesale liquidity, then more abundant and at lower cost, was yet to suffer the tensions of the crisis.

In general, this wholesale activity has been modulated in each unit on the basis of regulatory requirements, the generation of internal funds in the business and decisions to hold sufficient liquidity reserves.

• Ensuring a sufficient volume of assets that can be discounted in central banks as part of the liquidity reserve (as defined on page 258 of this section) to cater for stress situations in wholesale markets.

The Group has significantly increased its total discounting capacity in the last few years, from EUR 85,000 million at the end of 2008 to more than EUR 195,000 million at present.

• Strong liquidity generation from the commercial business through lower credit growth and increased emphasis on attracting customer deposits

The changes in the Group’s lending over recent years have been the result of reductions in the Spain and Portugal units, caused by rapid deleveraging in those countries, coupled with growth in the bank’s other markets, through both expansion of developing units and businesses (the US, Germany, Poland and UK Companies) and sustained business growth in emerging economies (Latin America). Overall, the Group’s net loans have increased by EUR 146,000 million since December 2008, an increase of 26%.

In parallel, the volume of customer deposits has increased by EUR 262,495 million, due to the focus on liquidity during the crisis and the Group’s capacity to attract retail deposits through its branches. This represents a 62% increase since December 2008, more than double the increase in net loans over the same period. Deposits have increased in all commercial units, both in deleveraging and growing economies, where they are growing in line with loans.

As in 2014, in 2015 these trends for loans and deposits were interrupted at the Group level. This was caused by, on the one hand, lower deleveraging and recovering production in the economies most affected by the crisis, and, on the other, the focus on reducing liability costs in mature economies with historically low interest rates. As a result the gap between loan and deposit balances has stopped shrinking, and even started to edge upwards slightly over the last two years.

All these developments in businesses and markets, built on the foundations of a solid liquidity management model, enable Santander to enjoy a very robust funding structure today. The basic features of this are:

• High share of customer deposits in a retail banking balance sheet. Customer deposits are the main source of the Group’s funding, representing around two-thirds of the Group’s net liabilities (i.e. of the liquidity balance) and 86% of net loans at the end of 2015.

They are also very stable funds given their origin mainly in business with retail customers (89% of the Group’s deposits come from retail and private banks, whilst the remaining 11% come from large corporate and institutional clients).

* Balance sheet for the purposes of liquidity management: total balance sheet net of trading derivatives and interbank balances.

LiabilitiesAssets

Grupo Santander liquidity balance sheet*% December 2015

65%75%

8%

17%

21%

12%2% Short-term funding

Shareholders’ funds and other liabilities

Medium and long-term funding

DepositsCustomer net loans

Fixed assets and others

Financial assets

• Diversified wholesale funding focused on the medium and long term, with a very small relative short-term component Medium and long term wholesale funding accounts for 21% of the Group’s net funding and comfortably covers the lending not financed by customer deposits (commercial gap).

This funding is well balanced by instruments (approximately 40% senior debt, 30% securitisations and structured products with guarantees, 20% covered bonds, and the rest preferred shares and subordinated debt) and also by markets so that those with the highest weight in issues are those where investor activity is the strongest.

The following charts show the geographic distribution of customer loans in the Group, and its medium and long-term wholesale funding, so that their similarity can be appreciated.

Net customer loansDecember 2015

Euro zone34%

Euro zone37%

UK 36%UK

32%

Rest of Europe

2%

US11%

US17%

Brazil8%

Brazil9%

Rest of Latam

9%

Rest of Latam

5%

M/LT wholesale funding December 2015

256


2015 ANNUAL REPORT

The bulk of medium and long-term wholesale funding consists of debt issues. Their outstanding balance at the end of 2015 was EUR 149,393 million in nominal terms, with an adequate maturity profile and average maturity of 3.9 years).

The distribution of this by instrument, evolution over the last three years and maturity profile was as follows:

Medium and long-term debt issuances. Grupo SantanderMillion euros

Outstanding balance at nominal value

December 2015 December 2014 December 2013

Preferred shares 8,491 7,340 4,376

Subordinated debt 12,262 8,360 10,030

Senior debt 83,630 68,457 60,195

Covered bonds 45,010 56,189 57,188

Total 149,393 140,346 132,789

Distribution by contractual maturity. December 2015*

0-1 1-3 3-6 6-9 9-12 12-24 2-5 over 5 month months months months months months years years Total

Preferred shares 0 0 0 0 0 0 0 8,491 8,491

Subordinated debt 0 7 224 1,058 84 1,079 2,178 7,633 12,262

Senior debt 3,337 4,994 4,327 2,902 5,305 21,617 30,636 10,512 83,630

Covered bonds 2,627 1,444 1,458 1,477 1,669 8,714 10,170 17,452 45,010

Total* 5,964 6,444 6,008 5,438 7,058 31,410 42,984 44,087 149,393

* In the case of issues with a put option in favour of the holder, the maturity of the put option is considered instead of the contractual maturity.

Note: there are no additional guarantees for any of the senior debt issued by the Group’s subsidiaries.

In addition to debt issues, medium and long-term wholesale funding is completed by securitised bonds placed on the market, and collateralised and other specialist financing amounting to close to EUR 67,508 million, with a maturity of less than two years.

The wholesale funding of short-term issuance programmes is a residual part of the Group’s financial structure, accounting for around 2% of net funding, which is related to treasury activities and is comfortably covered by liquid financial assets.

The outstanding balance at the end of 2015 was EUR 24.448 million, mainly captured by the UK unit and the parent bank through existing issuance programmes: various certificate of deposit and commercial paper programmes in the UK, 39%; European commercial paper and US commercial paper and the domestic programmes of the parent bank, 22%, and programmes in other units, 39%.

In short, Santander enjoys a solid financing structure based on an essentially retail banking balance sheet that enables the Grupo Santander to comfortably cover its structural liquidity needs (loans and fixed assets) with permanent structural funds (deposits, medium and long-term funding and equity), giving rise to a large surplus in structural liquidity.

D.3.3.2. Evolution of liquidity in 2015The key aspects at the level of Group liquidity in 2015 were:

• Comfortable liquidity ratios, backed by balanced commercial activity and greater capturing of medium and long-term wholesale finance, absorbing the growth in lending.

• Compliance with regulatory ratios: the requirement to comply with the LCR ratio (Liquidity Coverage Ratio) came into effect in 2015. At the end of 2015, the Group’s LCR stood at 146%, well in excess of the minimum required (60% in 2015 - the percentage should increase steadily to 100% in 2018).

• Large liquidity reserve, stronger than 2014 in quantity (EUR 257,740 million) and quality (52% of the total are high quality liquid assets).

• Reduced weight of encumbered assets in structural medium and long-term funding operations: around 14% of the Group’s extended balance sheet (under European Banking Authority —EBA— criteria) at the end of 2015.

257


2015 ANNUAL REPORT

i. Basic liquidity ratios at comfortable levelsThe table shows the evolution of the basic metrics for monitoring liquidity at the Group level over the last few years:

Grupo Santander monitoring metrics

2008 2012 2013 2014 2015

Net loans/net assets 79% 75% 74% 74% 75%

Net loan-to-deposit ratio (LTD ratio) 150% 113% 112% 113% 116%

Customer deposits and medium and long-term funding/net loans 104% 117% 118% 116% 114%

Short-term wholesale funding/net liabilities* 7% 2% 2% 2% 2%

Structural liquidity surplus (% net liabilities*) 4% 16% 16% 15% 14%

* Balance sheet for liquidity management purposes.

Note: in 2012 and 2013 customer deposits include retail commercial paper in Spain (excluding short term wholesale funding). The 2012 and 2013 ratios include SCUSA by global integration, the same as in 2014.

At the end of 2015, and compared to 2014, Grupo Santander recorded:

• A stable ratio of net loans/net assets (total assets less trading derivatives and interbank balances) at 75%, as a result of improved credit conditions following ending of deleveraging in mature markets. This high level in comparison with European competitors reflects the retail nature of Grupo Santander’s balance sheet.

• Net loan-to-deposit ratio (LTD ratio) at 116%, within a very comfortable range (below 120%). This evolution shows the recovery of credit in mature markets, both organic as well as inorganic (incorporation of consumer businesses in Europe), and the greater focus on optimising the cost of retail deposits in countries with low interest rates.

• There was a decline in the ratio of customer deposits and medium and long-term financing/lending, for similar reasons to the LTD ratio, given that the rise in the Group’s capture of wholesale funds was also lower than the rise in lending. This ratio stood at 114% in 2015 (116% in 2014).

• The Group’s reduced recourse to short-term wholesale funding was maintained. The ratio was around 2%, in line with previous years.

• Lastly, the Group’s structural surplus (i.e. the excess of structural funding resources - deposits, medium and long-term funding and capital - over structural liquidity needs - fixed assets and loans) increased in 2015, to an average of EUR 159,000 million, around 4% higher than at the end of 2014.

At 31 December 2015, the consolidated structural surplus stood at EUR 149,109 million. This consists of fixed-income assets (EUR 158,818 million) and equities (EUR 19,617 million), partly offset by short-term wholesale funding (EUR -24,448 million) and net interbank and central bank deposits (EUR -4,878 million). In relative terms, the total volume was equivalent to 14% of the Group’s net liabilities, a similar level to the end of 2014.

In summary, Grupo Santander had a comfortable liquidity position at the end of 2015, as a result of the performance of its subsidiaries.

The table below sets out the most frequently used liquidity ratios for Santander’s main units at the end of December 2015:

Liquidity ratios for the main units% December 2015

Net loan-to-deposit ratio

Deposits+M & LT funding/net loans

Spain 89% 149%

Portugal 97% 121%

Santander Consumer Finance 226% 69%

Poland 88% 115%

UK 122% 107%

Brazil 106% 128%

Mexico 107% 101%

Chile 133% 98%

Argentina 78% 130%

US 140% 115%

Group Total 116% 114%

Note: in Spain, including retail commercial paper in deposits.

Generally speaking, there were two drivers behind the evolution of the Group’s liquidity and that of its subsidiaries in 2015:

1. Widening of the commercial gap, continuing the change of trend that began in 2014, reinforced by non-organic components (SCF).

2. Continuing intensity of issuance activity, particularly by the European and US units, against a backdrop of more favourable conditions in wholesale markets.

In 2015, the Group as a whole attracted EUR 56,000 million in medium and long-term funding.

In terms of instruments, the biggest increase was in issuances of medium and long-term fixed-income instruments (senior debt, covered bonds, subordinated debt and preferred shares), up 16% to more than EUR 42,000 million, with a larger weight of senior debts than covered bonds. Spain was the largest issuer, followed by the UK and Santander Consumer Finance units, the three of which accounted for 87% of the issuances.

The remaining EUR 14,400 million of medium and long-term finance related to securitisations and finance with guarantees, which remained stable compared to 2014. US and European units specialising in the consumer segment accounted for 85% of the total.

By geographic area, Santander Consumer Finance, Brazil and the US recorded the largest increases, supported by increased senior debt issuances.

In the United States, Santander Consumer Finance USA continued to increase its securitisation activity and its recourse to warehouse lines to fund strong growth in new lending and the portfolio. Santander Consumer Finance notched up EUR 4,200

258


2015 ANNUAL REPORT

million in securitisations, considerably lower than in 2014, but offset by the increased issuances of senior debt mentioned above.

The chart below sets out in greater detail their distribution by instruments and geographic areas:

Distribution by instrument

Senior debt60%

Spain18%

UK24%

Rest of Latam3%

US22%

Rest of Europe2%

Santander Consumer

Finance17%

Preferred shares

2%

Covered bonds

5%

Brazil14%

Geographic distribution

Medium and long-term funding placed in the market (issuances and securitisations)January-December 2015

Subordinated debt8%

Securitisations and others

25%

In summary, Grupo Santander maintained comfortable access to the markets in which it operates, strengthened by the incorporation of new issuing units. It was involved in issuances and securitisations in 14 currencies in 2015, in which 18 issuers from 15 countries participated, with an average maturity of around 4 years, slightly up on the previous year.

ii. Compliance ahead of schedule with regulatory ratiosUnder its liquidity management model, over the last few years Grupo Santander has been managing the implementation, monitoring and compliance - ahead of schedule - with the new liquidity requirements established under international financial regulations.

LCR (Liquidity Coverage Ratio)In 2014, and after approval by the Basel Committee of the final definition of the liquidity coverage ratio (LCR), a delegated act of the European Commission was adopted defining the criteria for calculating and implementing this metric in the European Union in the CRD IV sphere. Implementation was delayed until October 2015, although the initial compliance level of 60% was maintained. This percentage will be gradually increased to 100% in 2018.

The Group’s strong short-term liquidity starting position, combined with autonomous management of the ratio in all major units, enabled compliance levels of more than 100% to be maintained throughout the year, at both the consolidated and individual levels. As of December 2015, the Group’s LCR ratio stood at 146%, comfortably exceeding the regulatory requirement. Although this requirement has only been set at the Group level, the other subsidiaries also comfortably exceed this minimum ratio.

NSFR (Net Stable Funding Ratio)The final definition of the net stable funding ratio was approved by the Basel Committee in October 2014, and is pending transposition to local regulations.

As regards this ratio, Santander benefits from a high weight of customer deposits, which are more stable, permanent liquidity needs

deriving from commercial activity funded by medium and long-term instruments and limited recourse to short-term funds. All of this enables it to maintain a balanced liquidity structure, which is reflected in NSFR levels at Group level and for most subsidiaries exceeding 100% at the end of 2015, even though this is not required until 2018.

In short, the liquidity models and management of the Group and its main subsidiaries have enabled them to meet both regulatory metrics ahead of schedule.

iii. High liquidity reserveThis is the third major aspect reflecting the Group’s comfortable liquidity position during 2015.

The liquidity reserve is the total volume of highly liquid assets for the Group and its subsidiaries. This serves as a last resort recourse at times of maximum stress in the markets, when it is impossible to obtain funding with adequate maturities and prices.

As a result, this reserve includes deposits in central banks and cash, unencumbered sovereign debt, discounting capacity with central banks, assets eligible as collateral and undrawn credit lines in official institutions (Federal Home Loans Banks in the US).

All of this reinforces the solid liquidity position that Santander’s business model (diversified, retail banking focus, autonomous subsidiaries, etc.) confers on the Group and its subsidiaries.

At the end of 2015, Grupo Santander’s liquidity reserve amounted to EUR 257,740 million, 12% higher than at year-end 2014 and 3% above the average for the year. The structure of this volume by asset type according to cash value (net of haircuts) was as follows:

Liquidity reserveCash value (net of haircuts) in million euros

20152015

average 2014

Cash and deposits at central banks 48,051 46,703 47,654

Unencumbered sovereign debt 85,454 75,035 52,884

Undrawn credit lines granted by central banks 110,033 112,725 115,105

Assets eligible as collateral and undrawn credit lines 14,202 15,703 14,314

Liquidity reserve 257,740 250,165 229,957

Note: the reserve excludes other assets of high liquidity such as listed fixed income and equity portfolios.

This increase was accompanied by a qualitative rise in the Group’s liquidity reserve, deriving from the varied evolution of its assets. The first two categories (cash and deposits in central banks + unencumbered sovereign debt), the most liquid (or high quality liquidity assets in Basel’s terminology, as first line of liquidity), increased by more than the average. They rose by EUR 32,967 million, increasing their share of total reserves at the end of the year to 52% (44% in 2014).

Under the autonomy conferred by the funding model, each subsidiary maintains a suitable composition of assets in its liquidity reserve for its business and market conditions (for example, capacity to mobilise their assets or recourse to additional discounting lines, such as in the US).

259


2015 ANNUAL REPORT

Most of the assets are denominated in the currency of the country, and so there are no restrictions on their use. There are however regulatory restrictions in most countries limiting activity between related parties.

The geographic distribution of the liquidity reserve is: 51% in the UK, 27% in the Eurozone, 9% in the US, and the remaining 9% in Poland and Latin America.

Location of liquidity reserveMillion euros

UK 130,309 51%

Eurozone 69,719 27%

US 23,234 9%

Brazil 10,384 4%

Rest 24,094 9%

Total 257,740

iv. Asset encumbrance in financing transactionsLastly, it is worth pointing out Grupo Santander’s moderate use of assets as collateral in the structural funding sources of the balance sheet.

In line with the guidelines established by the European Banking Authority (EBA) in 2014, the concept of asset encumbrance includes both assets on the balance sheet contributed as collateral in operations to obtain liquidity as well as those off-balance sheet assets received and re-used for a similar purpose, as well as other assets associated with liabilities for different funding reasons.

The report on the Grupo Santander information required by the EBA at the end of 2015 is given below.

Grupo Santander Encumbered assets on balance sheet

Billion eurosCarrying value of

encumbered assetsFair value of

encumbered assets

Carrying value of unencumbered

assets

Fair value of unencumbered

assets

Assets 323.3 1,017.0

Credit and loans 217.8 725.9

Equities 13.2 13.2 10.5 10.5

Debt instruments 74.6 74.5 105.5 105.4

Other assets 17.7 175.1

Grupo Santander Encumbrance of collateral received

Billion euros

Fair value of encumbered collateral received

and debt issued by the encumbered entity

Fair value of collateral received and debt issued

by the entity available for encumbrance

Collateral received 44.9 52.0

Credit and loans 1.2 0.0

Equities 0.9 1.7

Debt instruments 42.8 45.1

Other collateral received 0.0 5.2

Debt instruments issued by the entity other than covered loans and securitisations 0.0 5.6

Grupo Santander Encumbered assets and collateral received, and related liabilities

Billion euros

Liabilities, contingent liabilities and securities lending associated with the encumbered assets

Assets encumbered and collateral received, including

debt instruments issued by the entity other than

guaranteed bonds and securitisations, encumbered

Total sources of encumbrances (carrying value) 302.6 368.3

260


2015 ANNUAL REPORT

On-balance sheet asset encumbrance amounted to EUR 323,300 million, over two-thirds of which is accounted for by loans (mortgages, corporate, etc.). Off-balance sheet asset encumbrance stood at EUR 44,900 million, mainly relating to debt securities received as collateral in operations to acquire assets which were re-used. The total for the two categories was EUR 368,300 million, giving rise to a volume of associated liabilities of EUR 302,600 million.

At the end of 2015, total asset encumbrance in financing operations represented 26% of the Group’s extended balance sheet under EBA criteria (total assets plus guarantees received: EUR 1,437 million as of December 2015). This ratio stands at levels in the preceding year. The Group’s recourse to TLTRO during 2015 has been offset by maturities of secured debt (mainly mortgage covered bonds) which have been replaced with unsecured funding

Lastly, it is important to note the different natures of the sources of encumbrance within these, as well as their role in funding the Group:

• 44% of total asset encumbrance corresponds to collateral contributed in medium and long-term funding operations (with a residual maturity of over 1 year) to finance the commercial activity on the balance sheet. This puts the level of asset encumbrance in funding transactions understood as ‘structural’ at 11% of the extended balance sheet, using EBA criteria.

• The other 56% corresponds to short-term market transactions (with a residual maturity of less than 1 year) or collateral contributed in operations with derivatives and whose purpose is not to finance the ordinary activity of businesses but efficient short-term liquidity management.

D.3.4. Funding outlook for 2016

Grupo Santander starts 2016 with a comfortable liquidity position, with a good outlook for financing over the coming year. However, there are risks to this rosier picture, including instability in financial markets, adjustments in China’s economy and changes in monetary policy at major central banks.

With maturities which can be assumed in the coming quarters, due to the reduced weight of short-term maturities and a dynamic of medium and long-term issues similar to that of a year ago, the Group will manage these needs in each country together with the specific needs of each business, including the envisaged incorporation of new portfolios and businesses, particularly consumer business in Europe.

The expected scenario of increased growth and new incorporations will generate moderate liquidity requirements in our units, in both mature and emerging economies.

In most cases, the Group’s business units can draw on surpluses from the end of 2015. There is also ample access to wholesale markets, particularly in Europe because of the European Central Bank’s quantitative easing programme. Taken together, these factors will enable the Group’s subsidiaries to maintain adequate liquidity structures for their balance sheets.

In Spain, where there is a surplus of deposits over loans, a moderate recovery in lending is envisaged after a long period of deleveraging, with a continuing focus on optimising the cost of funds. Liquidity ratios will be strengthened with an eye to the forthcoming returns of LTRO funds.

Of note in the other European units will be increasing issuance and securitisation activity in Santander Consumer Finance, backed by the strength of its business and the quality of its assets. As already discussed, in 2016 the consolidation of new portfolios will require a greater dependence on short-term funds in the rest of the Group.

In the UK, the strong performance of commercial activity and the capturing of clients will strengthen the deposit base as the basic source of credit growth. The expected favourable situation in the markets will enable the unit to optimise its medium and long-term sources of finance. The United States, also with balanced growth in loans and deposits, will focus on diversifying its wholesale financing sources, both in Santander Bank as well as Santander Consumer USA, which will contribute to reducing its leverage with respect to the funds guaranteed.

In Latin America, as in the previous year, the emphasis will remain on financing business activities from deposits, while fostering issuances in the wholesale markets open to the Group’s major units.

In addition, and at Group level, Santander is continuing its long-term plan to issue funds eligible as capital. This plan seeks to enhance the Group s current regulatory ratios efficiently, and also takes into account future regulatory requirements. Specifically, this includes fulfilment of TLAC (total loss-absorbing capacity) requirements, which come into effect in 2019 for systemically-important financial institutions. Although this is currently just an international agreement and awaits transposition into European regulations, the Group is already incorporating it into its issuance plans to meet potential requirements. The pace of issues over recent years are estimated to be sufficient to meet future needs.

Within this general picture, the Group’s various units took advantage of good conditions in the markets at the beginning of 2016 to make issues and securitisations at very tight spreads, capturing more than EUR 4,000 million in January.

261

Risk Profile > Operational risk5. Risk management report

2015 ANNUAL REPORT

D.4. Operational risk

D.4.1. Definition and objectives

Following the Basel framework, Grupo Santander defines operational risk (OR) as the risk of losses from defects or failures in its internal processes, employees or systems, or external events.

Operational risk is inherent to all products, activities, processes and systems and is generated in all business and support areas. For this reason, all employees are responsible for managing and controlling the operational risks generated in their sphere of action.

The Group’s objective in controlling and managing operational risk is to identify, measure, evaluate, monitor, control, mitigate and communicate this risk.

The Group’s priority is to identify and mitigate risk focuses, regardless of whether they produce losses or not. Measurement also helps to establish priorities for operational risk management.

In 2015, the Group continued to drive the improvement of its operational risk management model through a range of initiatives fostered through the Risks area. Some of the most significant of these include completion of the document tree for operational risk management policies as part of the ‘Documenta’ project, progress with the AORM (Advanced Operational Risk Management) transformation project as part of the Group’s ARM (Advanced Risk Management) strategy. This programme seeks to enhance operational risk management capacity through an advanced risk measurement approach, helping to reduce future exposure and losses impacting the income statement.

Grupo Santander has been calculating regulatory capital using the standardised approach set down in the EU Capital Requirements Directive. The AORM programme will help Grupo Santander develop internal models for estimating capital in its main geographic areas, both for economic capital and stress testing, and for potential application as regulatory capital.

The report on Prudential Significance/Pillar III in section 4 includes information on the calculation of capital requirements for operational risk.

D.4.2. Operational risk management and control model

D.4.2.1. Operational risk management cycleThe Group’s operational risk management incorporates the following elements:

Planning

OR profi

le

monitorin

g

Miti

gatio

n

Communication

OR management and control

Measurement

Identifi cation

Assessment

262


2015 ANNUAL REPORT

The various phases of the operational risk management and control model are:

• Identify the operational risk inherent in all the Group’s activities, products, processes and systems.

• Define the target profile of operational risk, specifying the strategies by unit and time frame, by establishing the OR appetite and tolerance for the budget of annual losses and monitoring thereof.

• Promote the involvement of all employees in the operational risk culture, through adequate training in all spheres and at all levels.

• Measure and assess operational risk objectively, continuously and consistently with regulatory standards (Basel, Bank of Spain) and the sector.

• Continuously monitor operational risk exposure, and implement control procedures, improve internal knowledge and mitigate losses.

• Establish mitigation measures that eliminate or minimise operational risk.

• Produce regular reports on operational risk exposure and the level of control for senior management and the Group’s areas and units, and inform the market and regulatory bodies.

• Define and implement the methodology needed to calculate internal capital in terms of expected and unexpected loss.

The following are needed for each of the aforementioned processes:

• Define and implement systems that enable operational risk exposure to be monitored and controlled in the Group’s day-to-day management activity, taking advantage of existing technology and achieving the maximum automation of applications.

• Define and document policies for managing and controlling operational risk, and implement methodologies and management tools for this risk in accordance with regulations and best practices.

The advantages of Grupo Santander’s operational risk management model include:

• It fosters development of an operational risk culture.

• It allows comprehensive and effective operational risk management (identification, measurement and assessment, control and mitigation, and information).

• It improves knowledge of existing and potential operational risks and assigns them to business and support lines.

• Operational risk information helps to improve processes and controls, and reduces losses and the volatility of revenues.

• It facilitates the establishment of operational risk appetite limits.

D.4.2.2. Risk identification, measurement and assessment modelA series of quantitative and qualitative corporate techniques and tools has been defined to identify, measure and assess operational risk. These are combined to produce a diagnosis on the basis of the risks identified and an assessment of the area or unit through their measurement and evaluation.

The quantitative analysis of this risk is carried out mainly with tools that register and quantify the potential level of losses associated with operational risk events:

• An internal database of events, the objective of which is to capture all of the Group’s operational risk events. The capture of operational risk events is not restricted by thresholds (i.e. there are no exclusions for reasons of amount), and events with both accounting (including positive effects) and non-accounting impact are captured.

Accounting reconciliation processes have been put in place to guarantee the quality of the information in the databases. The main events for the Group and each operational risk unit are especially documented and reviewed.

• An external database of events, as the Grupo Santander participates in international consortiums, such as the Operational Risk Exchange (ORX). The use of external databases has been stepped up, providing quantitative and qualitative information leading to a more detailed and structured analysis of events in the sector and enabling adequate preparation of the scenario analysis exercises described below.

• Analysis of OR scenarios. An expert opinion is obtained from the business lines and from risk and control managers to identify potential events with a very low probability of occurrence, but which could result in a very high loss for an institution. The possible effects of these are assessed and extra controls and mitigating measures are identified to reduce the likelihood of high economic impact.

In 2015 a corporate scenarios methodology was implemented in the Group’s main geographic areas.

• Capital calculation through the standard approach (see the corresponding section in the report on Prudential Relevance Report/Pillar III).

The tools defined for qualitative analysis seek to assess aspects (coverage/exposure) linked to the risk profile, enabling the existing control environment to be captured. These tools are mainly:

• Operational risk control self-assessment (RCSA). Self-assessment of operational risk is a qualitative process that seeks to determine the main operational risks for a unit, assigning these to the relevant function based on the judgement and experience of a group of experts in each function.

263


2015 ANNUAL REPORT

The RCSA process identifies and assesses the material operational risks that could stop a business or support unit achieving its objectives. It seeks to identify these operational risks, assessing them in inherent and residual terms, evaluating the design and operation of the controls and identifying mitigation measures whenever the associated risk levels are unacceptable to risk managers.

The Group has put in place an on-going operational risk self-assessment process: this ensures that material risks are assessed at least once a year. This process combines expert judgement and participation in workshops involving all interested parties, particularly the first-line of defence responsible for the risks and their control. These workshops are run by a facilitator, who is neutral and has no decision-making authority, helping the Group achieve its desired results.

The Group also produces focused assessments of specific operational risk sources, enabling transversal identification of risk levels at a greater degree of granularity. These are applied in particular to technological risks and factors that could lead to regulatory non-compliance, and areas that are exposed to money laundering and terrorism financing risks. The two latter areas, together with related plans for 2016, are set out in greater detail in the section D.5. Compliance and conduct risk.

• Corporate indicators system. These are various types of statistics and parameters that provide information on an institution’s risk exposure and control environment. These indicators are regularly reviewed in order to flag up any changes that could reveal risk problems.

In 2015, the Group evolved its corporate indicators to monitor the main risk concentrations in the Group and the industry. It has also fostered the use of indicators in all spheres of the organisation, from front-line risk managers down. The objective is to incorporate the most relevant risk indicators into the metrics that form the basis for constructing the operational risk appetite.

• Audit and regulatory recommendations. These provide relevant information on inherent risk due to internal and external factors, enabling weaknesses in the controls to be identified.

• Customer complaints. The Group’s increasing systemisation of the monitoring of complaints and their root causes also provides relevant information for identifying and measuring risk levels.

• Other specific instruments that enable more detailed analysis of technology risk, such as control of critical system incidents and cyber-security events. The capture of this information was incorporated into the corporate operational risk tool in 2015.

• Specific assessment of risks related to technological infrastructure management processes, the acquisition and development of solutions, control of information security and IT governance.

D.4.2.3. Implementation of the model and initiativesAlmost all the Group’s units are now incorporated into the model with a high degree of uniformity. However, the different pace of implementation and historical depth of the respective databases means that the degree of progress varies from country to country.

As set out in section D.4.1. Definition and objectives, the Group accelerated its transformation to an advanced operational risk management (AORM) approach in 2015. This programme seeks both to consolidate the current operational risk management framework and to adopt best practices in the market, based on monitoring of an integrated and consolidated operational risk profile, for proactive management of business strategy and tactical decisions.

This programme involves a number of key areas (risk appetite, self-assessment, scenarios, metrics, etc.) that enable the Group to refine the improvements it is implementing: these will mostly be completed in 2016, covering the ten main geographic areas. A monitoring structure has been set up at the highest organisational levels, both at the corporate centre and in the local units, to ensure adequate monitoring of progress.

This programme is supported by the development of a customised and integrated operational risk solution (Heracles, based on the external SAP GRC platform). This tool and the transformation plan will be fully implemented in all of the Group’s geographic areas in 2016.

The main activities and global initiatives adopted to ensure effective operational risk management are:

• Development and implementation of the operational risk framework, policies and procedures, both at the corporate level and in the geographic areas.

• Creation of operational risk control units in the Risks areas (second line of defence) and designation of coordinators responsible for OR in the various spheres of the first lines of defence.

• A new definition of a complete group of operational risk taxonomies (risks, controls, root causes, etc.), enabling more granular, thorough and consistent management of operational risk throughout the Group.

• Development of a new operational risk appetite structure, enabling increased granularity in risk tolerance for the Group’s most significant risk concentrations.

• Establishment of a process for escalating incidents, setting down the criteria for communication and escalation of operational risk events based on their relevance. The relevance of operational risk is defined based on thresholds set for each type of impact.

264


2015 ANNUAL REPORT

• Implementation of training programme at all levels of the organisation (from the board to the employees most exposed to risk in the first line of the business) and initiatives for the sharing of experiences (best practice sessions, launch of a monthly newsletter, etc.).

• Fostering of mitigation plans for aspects of particular relevance (information security and cyber-security in the widest sense, control of suppliers, etc.): monitoring of the implementation of corrective measures and projects under development.

• Improvements to the quality and granularity of the information on such risks analysed and presented to the main decision making forums.

• Improvements to contingency and business-continuity plans, and, in general, crisis-management (this initiative is linked to the viability and resolution plans).

• Fostering the control of risk associated with technology (application development and maintenance, design, implementation and maintenance or technological platforms, output of IT processes, etc.).

In the particular case of controlling suppliers mentioned above, following the development and approval of the corporate framework for agreements with third parties and control of suppliers in 2014, work continued throughout 2015 to define and develop the procedures, processes and tools needed for implementation. To this end, Group entities have been working on defining, implementing and monitoring action plans so as to adapt current processes to the new requirements of the model, paying particular attention to:

• Identification, assignment and communication of roles and responsibilities.

• Creation of specific committees for each geographic area to deal with issues relating to suppliers.

• Definition and monitoring of indicators.

• Preparation and maintenance of up-to-date inventories of suppliers of critical services.

• Training and awareness raising of risks associated with suppliers and other third parties.

The Group is continuing to work on the implementation of the model, reinforcing and standardising the activities to be carried out throughout the management lifecycle for suppliers and other third parties.

D.4.2.4. Operational risk information systemThe Group has a corporate information system that supports the operational risk management tools and facilitates information and reporting functions and needs at both the local and corporate levels.

This system includes modules for registering events, mapping and assessing risks, indicators, and mitigation and reporting systems, and applies to all Group entities.

As part of the implementation of the advanced operational risk management approach, and taking into account the synergies that will be produced in the control sphere (integration of operational risk control functions in the widest sense and compliance, documentation and certification process particularities for the internal model into a single tool), the Group is in the process of installing a new GRC (governance, risk and compliance) tool based on the SAP system, known as Heracles. The objective of Heracles is to improve decision making for operational risk management throughout the organisation.

This objective will be achieved by ensuring that those responsible for risks in every part of the organisation have a comprehensive vision of their risk, and the supporting information they need, when they need it. This comprehensive and timely vision of risk is facilitated by the integration of various risk and control programs, such as risk assessment, scenarios, events, assessment of control activities and metrics using a common taxonomy, and methodological standards. This integration provides a more accurate risk profile and significantly improves efficiency by cutting out redundant and duplicated effort.

Heracles also enables the interaction of everybody involved in operational risk management with the information in the system, but subject to their specific needs or limited to a particular sphere. However, it is always draws on a single source of information for all of the functions involved.

In 2015, the Group worked on automating the loading of information into operational risk management systems, and on improving reporting capabilities in the context of the project to comply with regulations on effective aggregation and reporting principles (Risk Data Aggregation/Risk Reporting Framework - RDA/RRF).

In order to achieve the objectives for this project, a reference technological architecture has been developed, providing solutions for information capture and feeding an integrated and reliable database (Golden Source) that is used for the generation of operational risk reports.

D.4.2.5. TrainingThe Group fosters awareness and knowledge of operational risk at all levels of the organisation. In 2014, a range of training initiatives were carried out, including e-learning programmes for all Group employees (general, computer security, business continuity plan) and training activities for groups requiring specific knowledge. These activities included training for employees in wholesale businesses, e-learning for executives and directors, and courses for operational risk coordinators on the first line of defence.

265


2015 ANNUAL REPORT

D.4.3. Evolution of the main metrics

As regards the databases of events, and after consolidating the information received, the evolution of net losses (including both losses incurred and net provisions) by Basel40 risk category over the last three years is set out in the chart below:

2013 2014 2015

I - Internal fraud VII - Execution, delivery

and process management

V - Damage to physical assets

III - Employment practices and

workplace health and safety

VI -Business interruption and systems failures

IV - Customer, product and

business practices

II - External fraud

2.4%

11.8%

1.2%

66.4%

1.2% 0.1%

16.9%

80%

70%

60%

50%

40%

30%

20%

10%

0%

Distribution of net losses by operational risk category41

% of total

The evolution of losses by category shows a slight reduction in relative terms for practices with clients, products and business, although these continue to be the largest item.

The most relevant losses by type and geographic region in 2015 related to judicial cases in Brazil and customer compensation in the UK.

In Brazil, the roll out of a set of measures to improve customer service (the Trabalhar Bem42 programme) has enabled us to reduce losses from judicial cases.

The increase in compensation for customers in the UK is due mainly to sales of Payment Protection Insurance. The claims received relate to a widespread practice in the UK banking sector. Provisions for possible future claims were increased in 2015, according to the Bank’s best estimates after having analysed the decision of the local authority to limit the deadline on claims.

The most noteworthy factors in the other operational risk categories include a decrease of fraud, in relative terms, and an increase in losses on process execution, delivery and management, mainly relating to provisions for process errors in the UK.

40. The Basel categories include the risks set out in chapter D.5. Compliance and conduct risk.

41. In accordance with local practices, the remuneration of employees in Brazil is managed as personnel expenses for the entity, without prejudice to its treatment under the Basel operational risk framework, and is therefore not included.

42. Refer to section D.4.4., Mitigation measures, for further details.

266


2015 ANNUAL REPORT

The chart below shows the evolution of the number of operational risk events by Basel category over the last three years:

2013 2014 2015

I - Internal fraud VII - Execution, delivery and management of processes

V - Damage in physical assets

III - Employment, health and

security practices at work

VI - Interruption of business and

failures in systems

IV - Practices with clients, products

and business

II - External fraud

0.1%

32.7%

0.1%

11.8%

1.7% 1.8%

51.8%

70%

60%

50%

40%

30%

20%

10%

0%

Distribution of number of events by operational risk category43

% of total

In 2015, the Group analysed the number of internal events and put a new procedure in place for escalation of relevant events (in terms of both financial impact and number of customers affected), enabling us to process these with more effective corrective measures. The concentration of relevant events compared to total events remained at very low levels, and was lower than in the previous year.

D.4.4. Mitigation measures

The model requires the Group to monitor the mitigation measures put in place for the main sources of risk identified through operational risk management tools and the organisational and development model, and by preventative implementation of policies and procedures for managing and controlling operational risk.

The Group model combines these measures in a shared database, enabling us to assign each mitigation measure and the various tools used (events, indicators, self-assessment, scenarios, recommendations and prevention policies).

The percentage of measures distributed by type was as follows:

Training and communication

6,0%

Organisation7,2%

Risk transfer0,2%

Technology34,2%

Processes52,4%

2015 mitigation – type of measure%

The main mitigation measures centred on improving the security of customers in their usual operations, the management of external fraud, continued improvements in processes and technology, and management of the sale of products and adequate provision of services.

Regarding the reduction of fraud, the main specific measures were:

Card fraud:• Roll out of chip cards:

• Implementation of the standard in all the Group’s geographic areas in line with the timeframe set down by the payment media industry.

43. In accordance with local practices, the remuneration of employees in Brazil is managed as personnel expenses for the entity, without prejudice to its treatment under the Basel operational risk framework, and is therefore not included.

267


2015 ANNUAL REPORT

• Replacement of vulnerable cards with new cards based on advanced authentication CDA technology, reducing the risk of cloning through more robust and complete encryption algorithms.

• Robust (Full Grade) validation of card transactions, including more checks, always carried out online.

• Implementation of the secure ecommerce standard (3DSecure) for internet purchases and requiring additional security codes for transactions, including the use of one-time passwords (OTP-SMS).

• Incorporation of anti-skimming detectors and passive elements in ATMs to stop card cloning.

• Review of card limits based on the product and customer segment, to adjust these for risk levels.

• Application of specific fraud monitoring rules and detection tools to block suspicious transactions abroad.

Electronic fraud:• Implementation of specific protection measures for mobile

banking, such as identification and registration of customer devices (Device Id).

• An improved Internet banking authentication system, with additional checks depending on the risk level for the customer or transaction.

• Checks of online banking transactions through a second factor based on one-time use passwords. Evolution of technology, depending on the geographic area (for example, based on image codes (QR) generated from data for the transaction).

Cyber-Security Program and information security plan

The Group has put in place the Santander Cyber-Security Program to foster and complement the actions already underway. This covers:

• governance, integrating the three lines of defence;

• an approach based on cyber-resilience, including identification, prevention, protection, detection and reaction activities;

• aspects of cyber-security relating to training, access control, segregation of functions and secure software development;

• initiatives to enhance organisation.

In 2015 the Group also continued paying full attention to cyber-security risks, which affect all companies and institutions, including those in the financial sector. This situation is a cause of concern for all entities and regulators, prompting the implementation of preventative measures to be prepared for any attack of this kind.

The Group has put in place the Santander Cyber-Security Program to foster and complement the actions already underway. The global aim is for this programme to be implemented in all Group banks, and covers: i) governance, integrating the three lines of defence; ii) an approach based on cyber-resilience, including identification, prevention, protection, detection and reaction activities; iii) aspects of cyber-security relating to training, access control, segregation of functions and secure software development; and iv) initiatives to enhance organisation.

The Group has evolved its internal cyber-security model to reflect international standards (including, the US NIST —National Institute of Standards and Technology— framework) and incorporate mature concepts. It has also continued its implementation of its cyber-security master plans in Group entities, including:

• Provision of specific budgets to improve cyber-security protection mechanisms against threats in the Group’s entities and geographic areas.

• Contracting of cyber-security insurance at the corporate level.

• Improvement of the Security Operations Centre (SOC), increasing its sphere of activity.

• Participation in cyber-security exercises in various Group geographies, to assess responses to such incidents.

• Cooperation with international forums to identify best practices and share information on threats.

The Group has also launched a training programme in this area, with a new course being implemented on the e-learning platform. This course will give precise guidelines for action, as well as examples of the main current patterns of cyber attacks and electronic fraud.

In addition, observation and analytical assessment of the events in the sector and in other industries enables us to update and adapt our models for emerging threats.

Other relevant mitigation measures: A number of local initiatives have been put in place to tackle external fraud involving identity theft and loan applications, given the significance of this for the Group and the industry. These include, enhancing quality controls for verifying customer identification alerts, evidence of income and applicant documentation (in the US) and plans to improve analysis of proposals (in Brazil).

With regard to mitigation measures relating to customer practices, products and business, Grupo Santander is involved in continuous improvement and implementation of corporate policies on aspects such as the selling of products and services and prevention of money laundering and terrorism financing. Detailed information on these areas can be found in section D.5.2. Compliance risk control and supervision.

268


2015 ANNUAL REPORT

The ‘Working Well’ (Trabalhar Bem) project in Brazil is also relevant to this category of operational risk, seeking to provide the Bank’s customers with a better service, with fewer incidents and complaints. This project includes various lines of action to improve selling practices and customer protection, including: influencing design decisions for products and services, analysis and solution of the root causes of customer complaints, development of a complaints management and monitoring structure, and improvement of protection networks at contact points.

D.4.5. Business continuity plan

The Group has a business continuity management system (BCMS), which ensures that the business processes of our entities continue to operate in the event of a disaster or serious incident.

Measurem

ent - continuous improvement in the business continuity m

anag

emen

t mod

el

Mea

sure

men

t - co

ntinuous im

provement in the business continuity management m

odelImpact analysis

Strategic definition of

continuity

Training, and maintenance

testing

Design of crisis management procedures

Governance

Policy

Organisation

The basic objective is to:

• Minimise the possible damage from an interruption to normal business operations on people, and adverse financial and business impacts for the Group.

• Reduce the operational effects of a disaster, providing predefined and flexible guidelines and procedures to be used to re-launch and recover processes.

• Restart time-sensitive business operations and associated support functions, in order to achieve business continuity, stable profits and planned growth.

• Protect the public image of, and confidence in, Grupo Santander.

• Meet the Group’s obligations to its employees, customers, shareholders and other stakeholders.

During 2015, the Group continued to advance in implementing and continuously improving its business continuity management system. This included consolidating the implementation of the three lines of defence in relation to business continuity, including newly created businesses and divisions in the management scope.

Furthermore, and based on the improvements made to the viability and resolution plans (for more details see section B.3.4. Recovery and resolution plans), a new comprehensive crisis-management model has been defined for operational and reputational crises. This refines the communication protocols for the functions involved in the decision to escalate a situation involving calling a new meeting of the crisis management committee. This also involves a redefinition of the current business continuity committee to provide adequate support to the head of operational risk Crisis Management Director in escalating issues to, and supporting, the CFO (the Crisis Management Director).

D.4.6. Other aspects of control and monitoring of operational risk

Analysis and monitoring of controls in market operations Due to the specific nature and complexity of financial markets, the Group considers it necessary to continuously improve operational control procedures to keep them in line with new regulations and best practices in the market. Thus, during the year, it continued to improve the control model for this business, attaching particular importance to the following points:

• Analysis of the individual operations of each Treasury operator in order to detect possible anomalous behaviour. During the year all the thresholds applied to each of the controls were reviewed with the other control areas, implementing specific limits for each desk.

• Implementation of a new tool that enables compliance with new record keeping requirements for monitoring communication channels.

• Strengthening of controls on cancelling and modifying operations and calculation of the actual cost thereof, where these are due to operational errors.

• Strengthening of controls on contributions of prices to market indexes.

• Development of additional controls to detect and prevent irregular operations (such as controls on triangular sales).

• Development of extra controls for access to systems registering front office operations (for example, to detect shared usernames).

• Adaptation of existing controls and development of new controls to comply with the new Volcker requirements.

• Formalisation of IT procedures, tools and systems for cyber-security protection, prevention and training.

• Development of the Keeping in B project. This involves a range of inter-disciplinary teams seeking to reinforce aspects relating to corporate governance, compliance with money laundering and credit risk controls and procedures, financial and operational architecture, technological platforms, regulatory and organisational aspects and sufficiency of resources.

For more information on issues relating to regulatory compliance in markets, refer to section D.5.4. Regulatory compliance.

269


2015 ANNUAL REPORT

The business is also undertaking a global transformation and evolution of its operational risk management model. This involves modernising its technology platforms and operational processes to incorporate a robust control model, enabling a reduction of the operational risk associated with its business.

Corporate informationThe operational risk function has an operational risk management information system that provides data on the Group’s main elements of risk. The information available for each country and unit in the operational risk sphere is consolidated to give a global vision with the following features:

• Two levels of information: corporate with consolidated information, and individual for each country or unit.

• Dissemination among Grupo Santander’s countries and units of the best practices identified through a combined study of the results of qualitative and quantitative analysis of operational risk.

Information on the following aspects is drawn up:

• Grupo Santander’s operational risk management model and the Group’s main units and countries.

• The perimeter of operational risk management.

• Monitoring of risk appetite metrics.

• The risk profile by country and risk category, and the main operational risk concentrations.

• Operational risk capital.

• The action plans associated with each risk source.

• Distribution of losses by geographic area and risk category.

• Evolution of losses (accumulated annual, deviation on previous year and against budget) and provisions by detection and accounting dates.

• Analysis of the database of relevant internal and external events.

• Analysis of the most relevant risks detected from different information sources, such as the self-assessment exercises for operational and technological risk and operational risk scenarios.

• Assessment and analysis of risk indicators.

• Mitigating and active management measures.

• Business continuity and contingency plans.

This information forms the basis for complying with reporting requirements to the executive risk committee, the board risk committee, the operational risk committee, senior management, regulators, rating agencies, etc.

Insurance in the management of operational riskGrupo Santander regards insurance as a key element in the management of operational risk. Common guidelines for co-ordination among the various functions involved in the insurance management cycle to mitigate operational risk were promoted in 2015. These mainly involved the insurance areas themselves and operational risk control areas, but also the first line risk management areas, pursuant to the procedure designed in 2014.

These guidelines incorporate the following activities:

• Identification of all risks in the Group that can be covered by insurance, including identification of new insurance coverage for risks already identified in the market.

• Establishment and implementation of criteria to quantify the insurable risk, backed by analysis of losses and loss scenarios that enable the Group’s level of exposure to each risk to be determined.

• Analysis of coverage available in the insurance market, as well as preliminary design of the conditions that best suit the identified and assessed needs.

• Technical assessment of the protection provided by the policy, its costs and the elements retained in the Group (franchises and other elements at the responsibility of the insured) in order to make contracting decisions.

• Negotiating with suppliers and award of contracts in accordance with the procedures established by the Group.

• Monitoring of incidents declared in the policies, as well as of those not declared or not recovered due to an incorrect declaration, establishing protocols for action and specific monitoring forums.

• Analysis of the adequacy of the Group’s policies for the risks covered, taking appropriate corrective measures for any shortcomings detected.

• Close cooperation between local operational risk executives and local insurance coordinators to strengthen mitigation of operational risk.

• Active involvement of both areas in the global insurance sourcing unit, the Group’s highest technical body for defining coverage strategies and contracting insurance, the forum for monitoring the risk insured (created specifically in each geography to monitor the activities mentioned in this section) and the corporate operational risk committee.

This year, the Group has also contracted a cyber-insurance policy to cover the possible consequences of cyber-attacks.

Finally, it has adapted its in-house insurance model to improve the definition of functions and the coordination of the internal and external parties involved, so as to optimise protection of the income statement.

270

Risk Profile > Compliance and behavioural risk5. Risk management report

2015 ANNUAL REPORT

D.5. Compliance and conduct risk

D.5.1. Scope, aim, definitions and objective

The Compliance function comprises all matters related to regulatory compliance, prevention of money laundering and terrorism financing, governance of products and consumer protection, and reputational risk.

To achieve this, the Compliance function fosters the adherence of the Santander Group to the rules, supervisory requirements, principles and values of good conduct by setting standards, debating, advising and informing in the interest of employees, customers, shareholders and the wide community.

In the Grupo Santander’s current corporate configuration of three lines of defence, Compliance is an independent second-line control function that reports directly to the board of directors and the committees thereof, through the GCCO, who does so periodically and independently. The Compliance function reports to the CEO. This configuration is aligned with the requirements of banking regulation and with the expectations of supervisors.

In line with what is described in section B.1. Map of risks and in accordance with the current General Risk Framework of the Grupo Santander approved by the Board of Directors of Banco Santander, the following are described as compliance risks:

• Compliance risk: risk due to not complying with the legal framework, the internal rules or the requirements of regulators and supervisors.

• Conduct risk: risk caused by inadequate practices in the Bank’s relationships with its customers, the treatment and products offered to them and their suitability and appropiateness for each specific customer.

• Reputational risk: risk arising from damage to the perception of the Bank by public opinion, its customers, investors or any other interested party.

The Group’s objective in the sphere of compliance and conduct is to minimise the probability that irregularities occur; and that any irregularities that should occur are identified, assessed, reported and quickly resolved.

Other control functions (risks) and support functions (legal, T&O, etc) also take part in controlling these risks.

D.5.2. Compliance risk control and supervision

According to the configuration of lines of defence in the Grupo Santander and, in particular, within the Compliance function, primary responsibility for the management of such function’s risks lies in the first line of defence, jointly with the business units that directly originate such risks and the Compliance function. This is performed either directly or through allocation of compliance activities or tasks to this first line.

271


2015 ANNUAL REPORT

Further, setting, promoting and achieving units’ adherence to corporate frameworks, policies and standards across the Group is the responsibility of the Compliance function in its task of control and supervision as the second line of defence. To do so, controls are put in place and their application is monitored and verified. Reporting to governance and administrative bodies is the responsibility of the Compliance function, which is also responsible for advising and informing to senior management in these matters and fostering a culture of compliance, all of these within the framework of an annual programme whose effectiveness is periodically reviewed.

In compliance, the GCCO is responsible for reporting to governance and administrative bodies; who is also responsible for advising and informing senior management in these matters and fostering a culture of compliance, all of these within the framework of an annual programme whose effectiveness is periodically reviewed. This is independently of the reporting on all the Group’s risks (also including compliance risks) performed by the vice chairman of Risks and the CRO to the governance and administration bodies.

The Compliance function provides the basic components for managing these risks (frameworks and policies for combating money-laundering, codes of conduct, marketing of products, reputational risks, etc.) and ensures that the rest are duly tended to by the corresponding units of the Group (responsible financing, data protection, customers’ complaints, etc.), having established the opportune control and verification systems, in the second line of defence of Compliance.

Internal audit - as part of its third-line functions - performs tests and reviews necessary to verify that adequate controls and oversight mechanisms are being applied, and that the Group’s rules and procedures are being followed.

The essential elements of Compliance risk management are based on resolutions adopted by the board of directors, as the highest responsible body, by means of the approval of corporate frameworks that regulate significant matters, and the Santander Group’s General Code of Conduct. Such frameworks are approved at corporate level by the Banco Santander, S.A. as the Group parent, and subsequently approved by the units by means of the latter’s adhesion to the same, in order to carry out transposition in a manner that takes into account applicable local requirements.

The corporate frameworks of the Compliance function are as follows:

• General compliance framework.

• Products and services marketing framework.

• Complaint management framework.

• Anti-money laundering and terrorist financing framework.

These corporate frameworks are developed following Grupo Santander’s internal governance and are consistent with the Parent-subsidiary relationship model.

The General Code of Conduct sets out the ethical principles and rules of conduct that must govern the actions of all Grupo Santander’s employees and it is being supplemented in certain matters by the rules found in other codes and internal rules and regulations.

The Code also lays down the following:

• the Compliance functions and responsibilities set out in the same.

• the rules governing the consequences of non-compliance

• a whistleblowing channel for the submission and processing of reports of allegedly irregular conduct.

Regulatory compliance, under the Board Risk Committee and of the regulatory compliance committee, is responsible for the effective implementation and monitoring of the General Code of Conduct.

D.5.3. Governance and the organisational model

In the exercise of its general function of supervision, the board of directors of the Banco Santander, S.A. is responsible for approving the appointment of the head of Compliance (the Group Chief Compliance Officer – GCCO), and the framework for this function and its implementing policies. In addition, the board is the holder of the Group’s General Code of Conduct and of the corporate structures that implement this function.

In order to strengthen the independence of the compliance function as a function of internal control and provided it with sufficient relevance, the executive committee, at its meeting on February 2, 2015, agreed to appoint an executive vice-president as chief compliance officer (GCCO). For these purposes, in 2015 and pursuant to its mandate, a programme for the transformation of the compliance function at global level is being carried out (Target Operating Model for Compliance, TOM) and will be implemented over a period of three years, with the aim of elevating and bringing this function in line with the best standards in the financial industry.

Reporting on the compliance function to the board is done monthly.

Mention must also be made of the adequate coordination with the operational risk function, which collects different loss events deriving from compliance and conduct risks, and which, through risk governance - which includes a common overview of all the group risks - also reports to the board of directors and to its committees.

D.5.3.1. Governance The following corporate committees, each with their corresponding local replicas, are collegiate bodies with competencies in Compliance:

The regulatory compliance committee is the collegiate body that has powers in all matters inherent in regulatory compliance, without detriment to those assigned to the two specialised bodies in the area (corporate committee of marketing as regards the commercialisation of products and services, the monitoring committee and the anti-money laundering and terrorist financing committee.

The regulatory compliance committee held five meetings in 2015.

272


2015 ANNUAL REPORT

The products and services commercialisation committee is the collegiate body of governance for the validation of products and services. The initial proposal and authorisation of new products and services is the responsibility of units, while such proposals and their alignment with corporate policies must be subject to corporate validation. Its objectives and functions are based on the minimisation of inappropriate commercialisation of products and services to customers, taking into account consumer protection. Its functions are performed at both corporate and local level.

The committee assesses the appropriateness of adjusting products and services to the framework where they are going to be marketed, paying special attention to ensuring:

• That the stipulations set out in the corporate commercialisation frameworks and policies, and in general, the internal or external laws (for example, not granting loans for investment products, limiting the bank’s roles as underlying in commercialised structures, etc.) are fulfilled.

• That the target audience is clearly established, in accordance with its features and needs, clearly stating which customers it is not considered suitable for (e.g. aspects such as the customer’s commercial segment, customer’s age, geographical jurisdiction, etc.).

• That the criteria and controls are in place to assess how suitable the products is for the customer are defined at the time of the sale. This will include, depending on the type of product and the commercial treatment applied in each case, an assessment of the customer’s financial capacity to meet the payments associated with the product/service, the appropriateness of the customer’s knowledge and previous investment experience, and the adequate diversification of his investment portfolio, as the case may be.

• That the suitable documentation (advertising, commercial, pre-contractual, contractual and post-contractual) for each product/service, customer and commercialisation type be determined, and in each case, that the information be conveyed to customers clearly and transparently. This information can refer to:

• Explaining how the product or service works, presenting, in an objective and transparent way, the information on the product/service’s characteristics, terms and conditions, costs, risks and the calculation methodology, and not giving rise to unreasonable expectations or causing the customer to choose an inappropriate product/service.

• Frequency and content of the post-contractual information sent to customers, including details of the effective costs incurred and information on the product’s profitability and assessment, as the case may be.

• That training/certification plans, and checks on such plans, are in place to ensure that sales employees in the different channels have the required training and have sufficient information about the characteristics of the product/service, in order to be able to sell it appropriately.

The products and services commercialisation committee met 13 times in 2015 and analysed 104 new products/services, not having validated three of them.

The corporate monitoring committee is the Group’s collegiate governance body in monitoring of products and services, and for the assessment of customer claims in all Group units. Approved products and services are monitored locally through local monitoring committees or similar bodies, and their conclusions are reported directly to the corporate monitoring committee.

The monitoring committee held 34 meetings in 2015 at which incidents were resolved and information was analysed on the monitoring of products and services of the Group’s units.

The anti-money laundering and terrorist financing committee (formerly called the Analysis and Resolution Committee, CAR) is the collegiate body in this area, setting frameworks, policies and general objectives. It also validates the rules and regulations of other Group collegiate bodies and units in relation to prevention and coordination.

In order to strengthen governance of the function and to preserve its independence, the objectives and functions of the aforementioned committees have been reviewed in order to adjust them to the Group’s governance model, in the adaptation of the TOM.

D.5.3.2. Organisational modelDerived from the aforementioned transformation programme (TOM) and with the objective of attaining an integrated view and management of Compliance risks, the organisational structure of the function has been modified in accordance with a hybrid approach, in order to converge specialised Compliance risks (vertical functions) with an aggregate and standardised view of them (cross-cutting functions).

Hence, the Compliance structure is organised as follows to contribute to the Group’s mission in this field:

Cross-cutting functions

• Coordination with units.

• Governance, planning and consolidation.

• Compliance processes and information systems.

Vertical functions

• Regulatory compliance.

• Governance of products and consumer protection.

• Anti-money laundering and combating terrorist financing.

• Reputational risk.

D.5.4. Regulatory compliance

The following functions are in place for adequate control and supervision of regulatory compliance risks:

• Implement the Group’s General Code of Conduct and other codes and rules developing the same. Advise on resolving doubts that arise from such implementation.

273


2015 ANNUAL REPORT

• Cooperate with Internal Audit in the regular reviews of compliance with the general code and with the codes and other rules developing it, without detriment to the regular reviews which, on matters of regulatory compliance, are to be conducted directly.

• Prepare compliance programmes in relation with specific rules, or modifications thereof, for submission to the regulatory compliance committee and, as the case may be, subsequent approval by the board of directors or the committees thereof.

• Regularly report to the RSRCC and the board of directors on the development of the framework and the implementation of the compliance programme.

• Assess changes that need to be introduced into the compliance programme, particularly in the event of detecting unregulated risk situations and procedures susceptible to improvement, and propose the changes to the committee of regulatory compliance or the RSRCC.

• Receive and handle the accusations made by employees or third parties via the whistle blowing channel.

• Direct and coordinate investigations into the possible committing of acts of non-compliance, being able to request support from Internal Audit and propose to the Irregularities Committee the sanctions that might be applicable in each case.

• Supervise mandatory training activity on Compliance programme.

The Compliance TOM orients the focus of the regulatory Compliance function in the following areas:

1. Compliance in employee matters.

2. Compliance in organisational aspects.

3. Compliance of market regulations.

4. Conduct in the securities markets.

1. EmployeesThe objective of regulatory compliance with respect to employees –on the basis of the General Code of Conduct – is to establish standards in corporate defence and conflicts of interest and, from a regulatory perspective, set guidelines for remuneration and in dealings with suppliers.

In corporate defence, the responsibility is undertaken of minimising the impact of the penal responsibility of companies for any crimes committed on account of and for the benefit of them by administrators or representatives and by employees as a result of a lack of control.

The system of managing risks for the prevention of penal crimes, which was audited in 2015, obtained the AENOR certification in 2014.

A key element in this system is the whistle blowing channel. There are five main whistle blowing channels in the Group, which registered some 400 communications in 2015.

2. Organisational aspectsThis is a new aspect for regulatory compliance. The aim is to set standards, from a regulatory perspective, in record keeping, and in safeguarding the right to the protection of personal data, specifically, those of our customers.

Second-line work is also performed for the general Group compliance of US FATCA tax regulation.

3. Market regulationsIn 2015, a contribution was made to the corporate project of adjustment to the US Volcker Rule, which limits proprietary trading to very specific cases that the group controls by means of a compliance programme. Compliance of other specific security markets regulations are also monitored: as in the field of derivatives, that which is established by Title VII of the US Dodd Frank Act or its European counterpart, EMIR (European Market Infrastructure Regulation).

Regulatory compliance is also responsible for disclosing relevant Group information to the markets. Banco Santander made public 98 relevant facts in 2015, which are available on the Group’s web site and that of the National Securities Market Commission (CNMV).

4. Code of Conduct in Securities Markets (CCSM)The Code of Conduct in Securities Markets (CCSM), supplemented by the Code of Conduct for Analysis Activity, and other implementing rules, contains Group policies in this field and defines, inter alia, the following responsibilities for regulatory compliance:

• Register and control sensitive information known and generated by the Group.

• Maintain the lists of securities affected and related personnel, and watch the transactions conducted with these securities.

• Monitor transactions with restricted securities according to the type of activity, portfolios or collectives to whom the restriction is applicable.

• Receive and deal with communications and requests to carry out own account trading.

• Control own account trading of the relevant personnel and manage possible non-compliance of CCSM.

• Identify, register and resolve conflicts of interest and situations that could give rise to them.

• Analyse activities suspicious of constituting market abuse and, where appropriate, report them to the supervisory authorities.

• Resolve doubts on the CCSM.

At present, 13,000 people are considered relevant persons under the CCSM in the Group.

274


2015 ANNUAL REPORT

D.5.5. Governance of products and consumer protection

As a result of the transformation of the compliance function into the new TOM model, the old reputational risk office has been renamed as governance of products and consumer protection, and broadens its authority to strengthen adequate control and supervision of the marketing risks of products and services, promotion of transparency and a simple, personal and fair approach to customers to protect their rights and ensure that policies and procedures take consumers’ perspective into account. To do so, the following functions have been established, and organised on the basis of two corporate frameworks and a set of policies that lay down basic principles and guidelines in this field:

Frameworks• Corporate commercialisation framework: uniform system for

the marketing of products and services, with the aim of minimising exposure to risks and possible claims arising from such fields in all phases (validation, pre-sales, sales, post-sales following).

• Complaint management framework: uniform system for the systematised management of registration, control, management and analysis of the cause of complaints by different categories, thus allowing for identifying reasons for customer dissatisfaction, offering appropriate solutions in each case and improving, as necessary, the processes giving rise to them.

Functions• Foster units’ adherence to aforementioned corporate frameworks.

• Facilitate the functions of the corporate commercialisation committee, ensuring correct validation of any new product or service proposed by any Group subsidiary or the parent prior to the launch thereof.

• Preserve internal consumer protection, with the objective of improving relations with the Group, effectively promoting their rights, facilitating a solution to any controversies, in accordance with best practices through any channel, and fostering financial knowledge. The objective is to contribute to lasting relationships with customers.

• Identify, analyse and control fiduciary risk generated by private banking, asset management, insurance and outsourced activity of custody services for customers’ financial instruments. Fiduciary risk is the risk that arises from the administration of financial instruments on customers’ behalf. This process of fiduciary risk management requires the following activities, in addition to an admission process:

• regular assessment of compliance of products’ mandates, such that the risk associated to customers’ position is always handled in the customer’s best interest.

• monitoring the final performance of the investments both with regard to the fiduciary relations with the client who expects the best performance as well as with regard to competitors.

• regular monitoring of third-party custody providers.

• collect, analyse and report to Group governance bodies the information necessary to carry out an adequate analysis of the marketing risk of products, services and claims, with a twofold view: the possible impact on customers and on the Group, and on the monitoring of products and services throughout their life cycle.

• supervise subsidiaries’ processes of marketing and of customer complaint management, making proposals for improvement and following up on actions plans to mitigate risks.

The following were the main activities carried out by this function in 2015:

• In addition to the aforementioned analysis, of the 104 products and services submitted to the corporate commercialisation committee:

i. analysis and validation of 27 products or services considered to be not new.

ii. reviewing compliance of agreements in 63 structured notes issued by Santander International Products Plc. (subsidiary fully owned by Banco Santander S.A.) and

iii. resolution of 182 consultations by different areas and countries.

• Updating of the contents and formats of documents that regulate the validation and monitoring of products and services in order to incorporate the best practices identified in the Group in this areas. These documents were validated by the committee (July 2015) and then communicated to the subsidiaries, as they are considered benchmark documents that Group units must use as the basis for developing or adapting their own procedures in these areas. The main innovations are:

i. checklist which includes an assessment of the degree to which the proposal is aligned with the simple, personal and fair values of the corporate culture.

ii. update of the draft memorandum provided to Group units as guidelines for submitting initiatives to the pertinent commercialisation committee.

iii. update of the monitoring report submitted to Group units to assist in setting minimum and homogeneous contents for tracking and reporting on marketed products and services and

iv. extending the monitoring scope to all products and services, regardless of the date on which they were validated.

• supervise local monitoring of marketed products and services, with special attention focused on some units that require it due to the type of products and customers they have.

• Monitor the the fiduciary risk of customers’ equity in real estate investment funds and pension funds all managed by Santander Asset Management, the holding company owned by the group.

• Analyse and consolidate complaint information and management thereof from 25 local units and 36 business units and 10 branch offices of Santander Global Corporate Banking.

275


2015 ANNUAL REPORT

Corporate projects• Darwin Project: development of corporate tools to improve

safeguarding of customers’ rights:

i. MRF claim management tool, used in the registration, management and traceability of customer cases in order to comply with regulators’ and consumers’ expectations;

ii. tool based on Text & Speech Analytics ARCA (Application for Root Cause Analysis), complying with the Joint Committee guidelines of the European regulators. The tool processes all complaints cases in order to create uniform groups of information or clusters, and identify the cause of customers’ problems in order to mitigate them.

• Classification of financial products under a corporate methodology (rating of one to five): during the year, monitoring of implementation of technology developments in subsidiaries that will allow for maintaining this classification in systems and apply pertinent marketing criteria, with implementation estimated for the first half of 2016.

• Conduct costs arising from marketing (pilot Spain with the idea of spreading conclusions and synergies throughout the rest of the Group): the Corporation has led a collecting of processes and data of Santander España, in order to prepare and action plain aimed at setting up a procedure for identifying and recording, in a centralised, comprehensive, complete and reliable manner, all costs relating to conduct risks arising from marketing.

D.5.6. Anti-money laundering and terrorist financing

The following functions are in place for the adequate control and supervision of money laundering and terrorist financing risks:

• For Grupo Santander, it is a strategic objective to have an advanced and efficient anti-money laundering and terrorist financing system, constantly adapted to the latest international regulations and with the capacity to confront the appearance of new techniques by criminal organisations.

• Its action is structured based on the corporate framework which establishes the principles and basic action guidelines to set minimum standards that Grupo Santander’s units must observe. It is formulated in accordance with the principles contained in the 40 recommendations of the Financial Action Task Force (FATF) and the obligations and provisions of European directives concerning the prevention of the financial system being used for money laundering and for combating terrorist financing.

• The local units, in their role as first line of defence, are responsible for managing and coordinating the systems and procedures for anti-money laundering and terrorist financing in the countries where the Group operates, as well as the investigation and treatment of communications of suspicious transactions and of the information requirements of the corresponding authorities. Each of these local units has persons responsible for this function.

• Corporate systems and processes have been established in all units, based on decentralised operational technology systems, which can provide the corporate function with local management information and data, and also reporting, monitoring and control. These systems are used to apply an active and preventive management in the analysis, identification and monitoring of transactions suspected to be involved in money laundering or terrorist financing.

• Grupo Santander is a founding member of the Wolfsberg Group, with other major international financial entities. The Wolfsberg Group aims to establish international standards to increase the effectiveness of the anti-money laundering and combating terrorism financing programmes in the financial community. A number of initiatives have been launched to address different areas of concern. Supervisory authorities and experts in this area believe that the principles and guidelines set by the Wolfsberg Group represent an important step in the fight against money laundering, corruption, terrorism and other serious crimes.

The prevention organisation assists 168 different Group units established in 31 countries. There are 900 professionals in the Group performing the anti-money laundering and combating of terrorism financing function, and 81% of them are exclusively engaged on this task.

The main activity indicators for 2015 are as follows:

• Subsidiaries reviewed: 109

• Cases investigated: 84,748

• Communications to authorities: 21,485

• Training for employees: 129,233

The Group has both local and corporate training plans, with the aim of covering all employees. There are also specific training plans for the most sensitive areas related to anti-money laundering and terrorist financing.

D.5.7. Reputational risk

As a result of the transformation of the compliance function through the implementation of the TOM model, very significant progress has been made in the specification of the details of the reputational risk model.

The specific characteristic of reputational risk, originating in a wide variety of sources which, when combined with the stakeholder’s view,requires a unique approach, control and management model, different from other risks.

The reputational risk model is based on an eminently preventative approach, but it is also based on efficient crisis management processes.

Reputational risk management is to be incorporated into both business and support activities, and in internal processes. It should, therefore, allow for integrating functions of risk control and supervision in its activities.

276


2015 ANNUAL REPORT

The reputational risk model also involves an integrated understanding not only of the bank’s activities and processes in the performance of its activity, but also of how it is perceived by stakeholders (employees, customers, shareholders and investors, and society at large) in different environments. This approach requires close coordination between the management, support and control functions with the different stakeholders.

Reputational risk governance is thus included as a part of compliance governance, as indicated. The compliance function reports to the senior management about reputational risk questions, once the data regarding the sources of reputational risk has been consolidated.

D.5.8. Risk assessment model of compliance and risk appetite

The Group risk appetite for compliance risks stems from a non appetite declaration for risks of this type, in order to clearly reduce the probability of any economic, regulatory or reputational impact occurring within the Group. Compliance risk is organised in a homogeneous way in units, by establishing a common methodology, which consists of setting a series of compliance risk indicators and assessment matrices which are prepared for each local unit.

The corporate compliance function has assessed the regulatory risk (risk assessment) in 2015, focusing on the Group’s main countries. Actions plans designed to allay high risks which derive from risk assessment are monitored on a quarterly basis, country by country.

In accordance with the new compliance TOM, in 2015 the Group launched new indicators and established an initial risk assessment in regulatory consumer protection and products governance, anti-money laundering and funding of terrorism, and reputational risk functions.

From 2015 on, risk assessment is going to be consolidated in order to have a comprehensive overview of all compliance risks, so that such risks can be integrated with all the Group’s other risks, and so the board of directors may have a holistic vision of these risks. This will allow the Group to have a single overview of how compliance risk appetite is established, how it is monitored and what corrective measures need to be deployed, if necessary. This task is performed in accordance with the same methodologies and indicators as in the risk function, so that they are integrated in the Group’s risk appetite framework. Incurred losses resulting from compliance risks are added to the common event data base that is managed by the Risk function, in order to have a complete oversight, and also to provide an integrated control and management of non-financial risks.

The TOM model implementation is expected to include a revised taxonomy of the different types of compliance risks, as first level risks. The aim of this taxonomy is to clearly identify the compliance risks and so be able to ready for possible stress tests in the future.

D.5.9. Transversal corporate projects

In Risk Assessment, a methodology has been established for assessing compliance risks, training of all Group units, and in coordination with the operational risk function, the launching of an assessment exercise.

Lastly, the Risk Data Aggregation (RDA) project, in collaboration with the risk function, consists of a risk indicators models, which have been identified by the vertical functions, and which are required in a corporate tool in order to provide management information.

277

Risk Profile > Model risk5. Risk management report

2015 ANNUAL REPORT

D.6. Model risk

Grupo Santander has far-reaching experience in the use of models to help make all kinds of decisions, and risk management decisions in particular.

A model is taken to be a any metric based on a quantitative method, system or estimate which provides a simplified representation of reality, using statistical, economic, financial or mathematical techniques for processing information and obtaining a result based on a series of assumptions and subject to a certain degree of uncertainty. The use of models helps decisions to be taken more rapidly and objectively, generally justified by analysis of large amounts of information.

When models are used extensively, so-called Model Risk emerges, which is defined as a number of possible adverse impacts, including losses, produced by decisions based on erroneous models or models that have been misused.

According to this definition, the sources of Model Risk are as follows:

• the model itself, due to the utilisation of incorrect or incomplete data, or due to the modelling method used and its implementation in systems

• improper use of the model

Grupo Santander has been working on the definition, management and control of Model Risk in recent years, and took a major step forward in 2015 by creating a specific area within its Risk division to control this type of contingency. The area encompasses the old model validation unit and a specific control team.

The function is deployed at the corporation and also at each of the Group’s main entities. In order to carry out this function, a control framework has been defined with details concerning questions such as organisation, governance, model management and model validation.

278


2015 ANNUAL REPORT

Management and control of Model Risk is based on the life cycle of a model as defined by Grupo Santander, shown below:

3. Planning

epo

ting

r

11. Monitoring 4. Compilation of information

ards

10. Implementation 5. Development

oan

df s

t

gem

Man

aen

t r

2. Inventory

finit

ion

12. 9. Approval

6. Pre-implementation

testing 1. D

e

8. Independent validation 7. Materiality

Governance

1.- Definition of standardsThe Group has defined a set of standards to develop, monitor and validate its models. Any models used by the Group must meet these standards, regardless of whether they are developed internally or are acquired from third parties. The standards provide a guarantee of quality for the models used by the Group for decision-making purposes.

2.- InventoryOne key feature of proper management of Model Risk is a complete exhaustive inventory of the models used.

Grupo Santander has a centralised inventory, created on the basis of a uniform taxonomy for all models used at the various business units. The inventory contains all relevant information on each of the models, enabling all of them to be properly monitored according to their relevance. The inventory enables transversal analyses to conducted on the information (by geographic area, types of model, importance etc.), thereby easing the task of strategic decision-making in connection with models.

3.- PlanningThis phase involves all those affected by the model life cycle –users, developers, validators, data providers, IT etc.– and draws up and establishes priorities.

This planning takes place once a year at each of the Group’s largest entities, and is approved by local governance bodies, and validated by the corporation.

4.- Compilation of informationAs already mentioned, the data used to create models are a main source of Model Risk. Data must be reliable and complete, and must have sufficient historic depth to ensure that the model developed is suitable.

Grupo Santander has specialist teams to provide the information used to build models, information which has previously been certified by the owners.

5.- DevelopmentThis is the model’s construction phase, based on the needs laid down in the Models Plan and the information furnished to this end by the specialists.

Most of the models used by the Santander Group are developed by internal methodology teams, though some models are also outsourced from external providers. Development must meet the standards established in either case.

6.- Pre-implementation testingWhen the models have been built, the developers and their owners subject them to a battery of tests to ensure that they are functioning as expected, and make any adjustments necessary to this end.

7.- MaterialityEach Group model must be associated with a level of materiality or importance, which is established by an agreement among the parties involved.

279


2015 ANNUAL REPORT

The criteria for establishing materiality are documented in a corporate policy, which is transposed and approved at each of the Group’ s major entities.

Materiality determines the depth, frequency and scope of the validations and monitoring of the model, in addition to the governance bodies that must take decisions concerning the model.

Materiality constitutes basic information for proper model risk management, and constitutes a field in the corporate inventory.

8.- Independent validationInternal validation of models is not only a regulatory requirement in certain cases, but it is also a key feature for proper management and control of Grupo Santander’s model risk.

Hence, as indicated above, a specialist unit is in place which is totally independently of both developers and users, draws up a technical opinion of the suitability of internal models to their purposes, and sets out conclusions concerning their robustness, utility and effectiveness.

At the present time internal validation covers any models used in the risk function, be they models for credit risk, market risk, structural or operational risk, economic or regulatory capital risk, models for provisions and stress test models including, in the latter case, models to estimate items on the institution’s balance sheet and income statement.

The scope of validation includes not only the more theoretical or methodological aspects, but also IT systems and the data quality they allow, which determines their effectiveness. In general, it includes all relevant aspects of management in general (controls, reporting, uses, senior management involvement etc.).

After each model has been revised, the validation opinion is converted into a score on a scale of one to five as the model risk appraised by the internal validation team.

This corporate internal validation environment at Grupo Santander is fully aligned with the internal validation criteria of advanced models produced by the financial regulators to which the Group is subject. This maintains the criterion of a separation of functions for units developing and using the models (first line of defence), internal validation units (second line of defence) and internal audit (third line of defence) as the ultimate layer of control, checking the effectiveness of the function and its compliance with internal and external policies and procedures, and commenting on its level of effective independence.

9.- ApprovalBefore they are rolled out and actually used, models must be submitted for approval by the proper body, in accordance with their materiality.

10.- ImplementationThis is the phase during which the newly developed model is implemented in the system in which it will be used. As already mentioned, the implementation phase is another possible source of model risk, and it is therefore essential that tests be conducted by technical units and the owners of the model to certify that it has been implemented pursuant to the methodological definition.

11.- MonitoringA model is designed and built on the basis of certain information and circumstances, which may change with the passage of time. Models must therefore be regularly checked to ensure that they are still working properly, and adapted or redesigned if this is not the case.

The frequency and depth of monitoring is established on the basis of the models’ materiality.

12.- Management reportingSenior management at Grupo Santander, in the various units and also at the Corporation itself, regularly monitors model risk in a set of reports that provide a consolidated view of the Group’s model risk and enable decisions to be taken in this regard.

13.- GovernanceThe Model Risk Management Framework stipulates that the body taking responsibility for authorising risk management models to be used is the Models Committee. Each business unit has a models committee which takes responsibility for decisions concerning approval of the local usage of these models when the approval of the corporate models committee has been secured. Under the current policy, all models submitted to a models committee must have an internal validation report.

280

Risk Profile > Strategic risk5. Risk management report

2015 ANNUAL REPORT

D.7. Strategic risk

Grupo Santander considers strategic risk to be what it calls a transversal risk. During 2015, a strategic risk control and management model has been designed, and will be used as a reference for Group subsidiaries. This model includes the risk definition, the functional aspects and the description of the main processes associated with strategic management and control.

Strategic risk is the risk which is associated with strategic decisions and with changes in the entity’s general conditions, which have an important impact on its business model in both the mid and long term.

The entity’s business model is a key factor for strategic risk. The business model should be feasible and sustainable, deliver acceptable results each year and for at least the next three years.

There are three categories or types of strategic risk:

• Business model risk: the risk associated with the entity’s business model. This includes the risk of the business model being obsolescent, of it being irrelevant, and/or losing value, and so not be able to deliver the expected results. This risk is caused both by external factors (macroeconomic, regulatory, social and political questions, changes in the banking industry, etc.) and also internal ones (strength and stability of the income statement, distribution model/channels, revenue and expenses structure, operational efficiency, adequacy of human resources and systems, etc).

• Strategy design risk: the risk associated with the strategy set out in the entity’s five-year strategic plan. Specifically, it includes the risk that the strategic plan may not be adequate per se, or due to its assumptions, and thus the Bank will not be able to deliver on its expected results. It is also important to consider the opportunity cost of designing another more adequate strategy or the lack of action through not designing it.

• Strategy execution risk: the risk associated with the process of implementing five-year strategic plans and three-year plans. As the strategy is implemented in the mid and long term, it often has execution risk due to the complexity and many variables involved in it. Other risk area to be borne in mind are possibly inadequate resources, change management, and, lastly, lack of capacity to cope with changes in the business environment.

As far as strategic risk management and control are concerned, transversal risks associated with corporate development should also be taken into account, as they can pose an important risk to the

business model. Such risks are: those which entail a change in the entity’s scope and activity, acquisitions or disposals of significant holdings and assets, joint ventures, strategic alliances, shareholder agreements and capital transactions.

Lastly, there is another type of risks which may not have a strategic origin (credit, market, operational, compliance risks, etc.). Such risks can have a significant impact on the entity’s financial strength, and may in turn affect the entity’s strategy and business model. Hence, it is important to identify, assess, manage and control them.

Thus, Top Risks: they are risks with a significant impact on the entity’s results, liquidity or capital or risks which could entail undesirable considerations. These risks can bring the entity nearer to default.

While Emerging and Evolving Risks: are risks which have not previously appeared or which have been presented in a different way. These risks often involve a certain degree of uncertainty and are difficult to quantify, but they can have a significant impact during a mid-long term time frame.

The chart below shows how the above risks impact the Group’s business model and strategy.

Top and emerging risks

Financial health

Business model and strategy (Design and execution)

Corporate development transactions

281

Risk Profile > Capital risk5. Risk management report

2015 ANNUAL REPORT

D.8. Capital risk


After an introduction to the concept of capital risk and solvency levels at the close of 2015, the key capital figures are outline (pag. pag.281-282].

Next we describe the regulatory framework from a capital standpoint [pag. 282-283].

After that, the regulatory capital and economic capital figures are presented [pag. 283-287].

Lastly, we describe the capital planning process and stress tests in Grupo Santander [pag. 287-289].

For further details, refer to the Prudential Risk Report of Grupo Santander (Pillar III).

D.8.1. Introduction

Santander defines capital risk as the risk that the Group or some of its companies do not have the amount and/or quality of sufficient equity to meet the minimum regulatory requirements set for operating as a bank, to fulfil on the market’s expectations about its/their credit solvency and support business growth and the strategic possibilities they present, in accordance with the strategic plan. Of note are the following objectives:

• complying with the internal objectives for capital and solvency.

• meeting regulatory requirements.

• aligning the Bank’s strategic plan with the capital expectations of outside agents (rating agencies, shareholders and investors, customers, supervisors, etc.)

• supporting the growth of the businesses and exploit the strategic opportunities that arise.

Grupo Santander has a comfortable solvency position, above the levels required by regulators and by the European Central bank, our supervisor. In 2015, the Group continued to bolster its capital ratios in view of the adverse economic setting and to comply with new regulatory requirements. In early 2015, it carried out a EUR 7.5 billion accelerated book building operation, and established a dividend policy which assures organic capital generation.

At 31 December 2015, the Group’s main capital ratios are as follows:

Fully loaded Phase-in

Common Equity (CET1) 10.05% 12.55%

Tier1 11.00% 12.55%

Total Ratio 13.05% 14.40%

Leverage ratio 4.73% 5.38%

Phase-in ratios are calculated applying the transitional Basel III implementation schedules, while Fully loaded ratios are calculated using the final standard.

On 3 February, 2016, the European Central Bank authorised the use of the Alternative Standard Method to calculate capital requirements at consolidated level for operational risk in Banco Santander (Brasil) S.A. The impact of this authorization on the Group’s risk-weighted assets (-EUR 7,836 million), and, consequently, on its capital ratios, has not been taken into account in the data published on 27 January and which are presented in this report.

At the end of 2015, the ECB sent every entity a notification setting out the minimum prudential capital requirements for the following year. For 2016, Grupo Santander must maintain a minimum phase-in CET1 capital ratio at the consolidated level of 9.75% (9.5% being the Pillar I, Pillar II and capital buffer requirements and 0.25% the requirement for being a Systemically Important Financial Institution). As can be seen from the table above, the Group’s capital exceeds the ECB’s minimum requirement.

14.4%

9.75%

Regulatory capital%

Regulatory requirement1 2016 CET1

Regulatory ratios Dec 15

1. Minimum prudential requirements established by the ECB based on the supervisory review and assessment process (SREP)

Capital ratio

CET1

CET1

Systemic buffer

Minimum Pillar I4.50

5.00

0.25

Pillar II requirement (including capital conservation buffer)

12.55

The Group is working towards its goal of having a CET1 fully loaded of more than 11% by 2018.

282


2015 ANNUAL REPORT

CapitalThe Group considers the following capital concepts:

Regulatory capital

• Capital requirements: the minimum volume of own funds required by the regulator to ensure the solvency of the entity, depending on its credit, market and operational risks.

• Eligible capital: the volume of own funds considered eligible by the regulator to meet capital requirements. The main elements are accounting capital and reserves.

Economic capital

• Self-imposed capital requirement: the minimum volume of own funds required by the Group to absorb unexpected losses resulting from current exposure to the risks assumed by the entity at a particular level of probability (this may include other risks in addition to those considered in regulatory capital).

• Available capital: the volume of own funds considered eligible by the entity under its management criteria to meet its capital requirements.

Cost of capital

The minimum return required by investors (shareholders) as remuneration for the opportunity cost and risk assumed by investing in the entity’s capital. The cost of capital represents a ‘cut-off rate’ or ‘minimum return’ to be achieved, enabling us to analyse the activity of our business units and assess their efficiency.

Return on risk adjusted capital (RORAC)

This is the return (net of tax) on economic capital required internally. Therefore, an increase in economic capital decreases the RORAC. For this reason, the Bank requires transactions or business units involving higher capital consumption to deliver higher returns.

This considers the risk of the investment, and is therefore a risk-adjusted measurement of returns.

Using the RORAC enables the Bank to manage its business more effectively, assess the real returns on its business - adjusted for the risk assumed - and to be more efficient in its business decisions.

Value creation

The profit generated in excess of the cost of economic capital. The Bank creates value when risk adjusted returns (measured by RORAC) exceed its cost of capital, and destroys value when the reverse occurs. This measures risk adjusted returns in absolute terms (monetary units), complementing the RORAC approach.

Expected loss

This is the loss due to insolvency that the entity will suffer over an economic cycle, on average. Expected loss considers insolvencies to be a cost that can be reduced by appropriate selection of loans.

Leverage ratio

This is a regulatory metric that monitors the solidity and robustness of a financial institution by comparing the size of the entity to its capital.

It is calculated as the ratio between Tier1 capital and leverage exposure, which considers the size of the balance sheet with certain adjustments for derivatives, security funding transactions and contingency accounts.

Control of capital risks is not just a question of complying with current regulatory ratios. The regulatory changes affecting the Group, our key regulatory capital figures and leverage ratio, economic capital, return on risk adjusted capital) and capital planning and stress tests performed by the Group to assure our solvency, are explained in the following sections.

D.8.2. Regulatory framework

The standards known as Basel III came into force in 2014, setting new global standards for banks’ capital and liquidity.

From the standpoint of capital, Basel III redefines what is considered as available capital in financial institutions (including new deductions and raising the requirements of eligible capital instruments), increases the minimum capital required, demands that institutions operate permanently with capital buffers and adds new requirements in the risks considered.

In Europe, the new standards have been implemented via EU directive 2013/36, known as CRD IV, and its regulations 575/2013 (CRR), which is directly, applied in all EU countries (Single Rule Book). These standards are also subject to regulatory developments entrusted to the European Banking Authority (EBA).

CRD IV was introduced into Spanish law through Act 10/2014 on the ordering, supervision and solvency of credit institutions, and its subsequent regulatory implementation through Royal Decree Act 84/2015. The CRR is directly applicable in Member States from 1 January 2014 and repeals those lower-ranking standards that entail additional capital requirements.

The CRR provides for a phase-in period that will allow institutions to adapt gradually to the new requirements in the European Union. The phase-in arrangements have been introduced into Spanish law through Bank of Spain Circular 2/2014. The phase-in affects both the new deductions from capital and the instruments and elements of capital that cease to be eligible as capital under the new regulations. The capital conservation buffers provided for in CRD IV will also be phased in gradually, starting in 2016 and reaching full implementation in 2019.

283


2015 ANNUAL REPORT

After it was implemented, the Basel Committee on Banking Supervision has said that it intends to amend the capital regulations in the following sections:

• Standard credit risk method (open for public consultation until March 2016).

• Standard market risk method (Fundamental review of trading book).

• Standard operational risk method (there will be a public consultation in early 2016).

• IRB Internal Models: reducing the eligible options in design of models, particularly in certain portfolios.

• Internal market models: allow supervisors to withdraw authorisation to use this on the trading desk, reduce hedge mitigation and reduce diversification mitigation.

• Operational risk internal models: a consultation will be made on whether to eliminate them.

• Securitisations: the treatment of securitisations which fit the definition of ‘simple, transparent and comparable’ will be modified.

• Minimum requirements ( floors): the BCBS has said that it intends to replace the current floor of 80% of RWA calculated under Basel I with floors consisting of one for each risk type, defined based on the new revised standard methods.

• Structural interest rate risk: the Committee has said that it intends to establish a capital requirement for the structural interest rate risk on banks’ balance sheets.

• Calibration of leverage ratio: a minimum benchmark of 3% has been established, and will be reviewed in 2017. In recent publications, both the BCBS and the EVA have recommended a ratio of between 4% and 5%. Its calibration is expected to be completed in 2016 and it should be implemented in 2018.

Most of these regulatory modifications will be defined in 2016.

Grupo Santander shares the ultimate objective that the regulator pursues with this new framework, which is to make the international financial system more stable and solid. For years Grupo Santander has collaborated by supporting regulators and taking part in the studies promoted by the Basel Committee and the European Banking Authority (EBA), and coordinated at the local level by the Bank of Spain to calibrate the regulations.

Lastly, the TLAC (Total Loss Absorption Capacity) required of Global Systemically Important Entities (G-SIBs) was approved in the last G-20 meeting held in Antalya in November 2015. This is a very important milestone in terms of regulation. The TLAC means that banks must have a sufficient buffer of liabilities (capital and convertible debt) to be able to absorb losses, either through conversion to capital or by accepting a ‘haircut’. The objective is that when facing a risk of insolvency, a bank should be able to recover its solvency without needing to be bailed out by national governments. This regulation is pending incorporation into the prevailing regulatory framework. However, the Financial Stability Board (FSB)

has set a 3-year implementation schedule, such that it comes into effect in 2019. This proposes a minimum requirement for January 2019 equivalent to the higher of 16% of risk-weighted assets or 6% of leverage exposure; and for January 2022, the higher of either 18% of risk-weighted assets or 6.75% of leverage exposure.

The regulation requires that liabilities eligible for computation in this requirement must be subordinate to other non-eligible liabilities, and may include common equity, preferred issues eligible as Tier1 capital, subordinated debt eligible as Tier2 capital and at least 33% in the form of senior and junior debt.

The regulation stipulates that this requirement should be met at the consolidated level and at the level of each resolution group, as defined in the living wills. It also sets down certain restrictions on the financial support that a parent can provide to a subsidiary to comply with these requirements.

In Europe, Directive 2014/59/EU, known as the ‘BRRD’, was implemented. The BRRD has similar goals to the TLAC regulation.

This Directive also includes the concept of loss absorption and a minimum required eligible liability (MREL) requirement, which is similar to the TLAC. However, there are some differences in the ratios established, the scope of application and certain other definitions. The MREL applies to all entities operating in Europe, and is not limited solely to systemically important institutions. This began to apply on 1 January 2016, based on an ‘bank by bank’ calibration, with a 48-month transition period. It only applies to EU territory.

The MREL will be reviewed at the end of 2016, following the EBA submitting a report to the European Commission.

Furthermore, in 2015 the European Banking Authority has conducted the 2015 transparency exercise, in which it published information on risk-weighted assets, capital, solvency, and the details of sovereign positions at December 2014 and 2015 for 105 banks from 21 European countries, covering 67% of total assets in the European banking system. This exercise was aimed to promote transparency and to provide information on European banks’ capital and solvency, encouraging market discipline and the Union’s financial stability. The results underscore Grupo Santander’s comfortable capital and solvency position, ahead of its peers in many core metrics.

D.8.3. Regulatory capital

The regulatory capital framework is based on three pillars:

• Pillar I sets the minimum capital requirement for credit, market and operational risk, allowing the possibility of using internal ratings and internal models (IRB approach) for calculating credit-risk-weighted exposures, internal models (VaR) for market risk and internal models for operational risk. The aim is to make the regulatory requirements more sensitive to the risks actually incurred by financial institutions in carrying on their business activities.

• Pillar II establishes a system of supervisory review, aimed at improving banks’ internal risk management and capital adequacy assessment in line with their risk profile.

284


2015 ANNUAL REPORT

• Lastly, Pillar III deals with financial information transparency and market discipline.

In 2015, the solvency target set was reached, despite negative one-off impacts. Our CET1 ratio fully loaded stands at 10.05% at the close of 2015, proving our organic capital generation capacity, which is of 10 b.p. a quarter. The key regulatory capital figures are indicated below:

Fully loaded Phase-in

Dec 15 Dec 14 Dec 15 Dec 14

Common equity (CET1) 58,705 48,129 73,478 64,250

Tier1 64,209 52,857 73,478 64,250

Capital total 76,205 60,394 84,346 70,483

Risk-weighted assets 583,893 582,207 585,633 585,621

CET1 Ratio 10.05% 8.27% 12.55% 10.97%

Tier1 Ratio 11.00% 9.08% 12.55% 10.97%

Total capital ratio 13.05% 10.37% 14.40% 12.03%

12.55

1.85

11.0

1.1

8.3

1.30.8

10.05

2.05

0.95

Capital%

Tier1 CET1 Tier2

Capital ratio

Capital ratio

Capital ratio

Capital ratio

Tier2

Tier2Tier2

Tier2

Tier1

Tier1

CET1

CET1CET1

CET1

10.4

12.013.05

14.4

Dec 14

Fully Loaded Phase In

Dec 14Dec 15 Dec 15

The table below shows risk-weighted assets (RWAs) in the main geographic areas and type of risk.

Grupo SantanderTotal RWAs: 583,893

Cifras en millones de euros

RestContinental Europe UK Latin America USTotal: 230,585 Total: 115,752 Total: 154,357 Total: 82,406 Total: 794

Total risks: Total risks: Total risks: Total risks: Total risks: Credit: 86% Credit: 85% Credit: 80% Credit: 86% Credit: 84% Operational: 8% Operational: 8% Operational: 17% Operational: 14% Operational: 7% Market: 6% Market: 7% Market: 3% Market: 0% Market: 9%

Deployment of modelsAs regards credit risk, Grupo Santander continued its plan to implement Basel’s advanced internal rating-based (AIRB) approach for almost all the Group’s banks (up to covering more than 90% of net exposure of the credit portfolio under these models). Meeting this objective in the short term will also be conditioned by the acquisition of new entities, as well as by the need for coordination between supervisors of the validation processes of internal models.

The Group operates in countries where the legal framework among supervisors is the same, as is the case in Europe via the Capital Directive. However, in other jurisdictions, the same process is subject to the cooperation framework between the supervisor in the home country and that in the host country with different legislations. This means, in practice, adapting to different criteria and calendars in order to attain authorisation for the use of advanced models on a consolidated basis.

Santander continued to pursue this objective during 2015 through its plan to gradually implement the necessary technology platforms and methodological improvements to be able to gradually apply the advanced IRB approach for the calculation of regulatory capital in the rest of the Group’s units.

Grupo Santander currently has the supervisory authorisation to use advanced approaches for calculating the regulatory capital requirements by credit risk for the parent bank and the main subsidiaries in Spain, United Kingdom, Portugal, and certain portfolios in Mexico, Brazil, Chile, Santander Consumer Finance Spain and the US. The strategy of implementing Basel in the Group is focused on achieving use of advanced models in the main institutions in the Americas and Europe. In 2015, authorisation was received for the vehicle portfolio of Santander Consumer Nordics, maintaining the IRB approach for the companies and retail portfolios of the joint venture with PSA Francia.

285


2015 ANNUAL REPORT

The current proportion of use of IRB and standard methods is as follows:

Exposure at default (EAD) %

Standard40%

Standard Permanent36%

IRB60%

Future Roll Out64%

With regard to operational risk, Grupo Santander currently applies the standard approach to calculating regulatory capital, as set out in the European Capital Directive. During 2015, the Group increased the pace of transformation towards an advanced operational risk management (AORM) approach. The AORM programme will help Grupo Santander to develop internal models for estimating capital in its main geographic areas, both for economic capital and stress testing, and for potential application as regulatory capital.

As regards the other risks explicitly addressed in Pillar I of the Basel Capital Accord, in terms of market risk the Santander Group has permission to use its internal model for the treasury trading activity in Spain, Chile, Portugal and Mexico, thus continuing the plan of gradual implementation for the rest of the units presented to the Bank of Spain.

Leverage ratioThe leverage ratio has been defined within the regulatory framework of Basel III as a measure of the capital required by financial institutions not sensitive to risk. The CRD IV was amended on 17 January 2015 by modifying Regulation (EU) no. 575/2013 to harmonise the calculation criteria with those set forth in the Basel III leverage ratio framework and disclosure requirements document by the BCBS.

This ratio is calculated as the ratio between Tier1 divided by the leverage exposure. This exposure is calculated as the sum of the following items:

• Accounting assets, without derivatives and not including items considered to be deductions in Tier1 (for example, it include the balance of loans but not the goodwill).

• Off-balance sheet items (guarantees, unused credit limits granted, documentary credits, in the main) weighted by the credit limits.

• Inclusion of the net value of derivatives (gains and losses are netted with the same counterparty, minus collaterals if they comply with certain criteria) plus a charge for the future potential exposure.

• A charge for the potential risk of security funding transactions.

• Lastly, it includes a charge for the risk of credit derivative swaps.

The ratios published by the Group since 2014 are indicated below:

4,5%

3,7%

5,2%

4,6%

5,5%

4,8%

5,4%

4,7%

5,4%

4,7%

Dec 14 Mar 15 Jun 15 Sep 15 Dec 15

Fully loaded leverage ratio

phase-in leverage

6,0

5,5

5,0

4,5

4,0

3,5

3,0

The leverage ratio is still undergoing calibration and it is not compulsory until 2018. For the time being, a reference of 3% has been set (the Bank’s ratio is higher). During this period, the only obligation is to disclose the data to the market. More details are available in the Prudential Relevance Report (Pillar III) which is published on the Group website.

Global systemically important financial institutionsGrupo Santander is one of the 30 entities which have been classified as global systematically importance banks (G-SIB).

The designation as a systemically important entity is based on a measurement established by the regulators (the FSB and BCBS) based on 5 criteria (size, cross-jurisdictional activity, interconnectedness with other financial institutions, substitutability and complexity). This information is requested annually from banks with leverage exposure in excess of EUR 200,000 million (76 banks in December 2014), which are required to disclose it (refer to the information on www.gruposantander.com).

Based on this information, Banco Santander scored 208.4 points.

The fact that Santander is considered as a G-SIB means it has to fulfil certain additional requirements, which consist mainly of a capital buffer (we are included in the group of banks with the smallest capital buffer, 1%), in TLAC requirements (total loss absorbing capacity), that we have to publish relevant information more frequently than other banks, greater regulatory requirements for internal control bodies, special supervision and drawing up of special reports to be submitted to supervisors.

The fact that Grupo Santander has to comply with these requirements makes it a more solid bank than its domestic rivals.

Refer to the Prudential Relevance Report (Pillar III) for more information.

286


2015 ANNUAL REPORT

D.8.4. Economic capital

Economic capital is the capital needed, in accordance with an internally developed model, to support all the risks of business with a certain level of solvency. In the case of Santander, the solvency level is determined by the long term rating objective of ‘A’ (two notches above Spain’s rating), which means a confidence level of 99.95% (above the regulatory 99.90%) to calculate the necessary capital.

Santander’s economic capital model includes in its measurement all significant risks incurred by the Group in its operations (risk of concentration, structural interest rate, business, pensions and others beyond the sphere of Pillar I regulatory capital). Moreover, economic capital incorporates the diversification impact, which in the case of Grupo Santander is vital, because of its multinational and business nature, in order to determine the global risk profile and solvency.

Economic capital is a key tool for the internal management and development of the Group’s strategy, both from the standpoint of assessing solvency, as well as risk management of portfolios and businesses.

From the solvency standpoint, the Group uses, in the context of Basel Pillar II, its economic model for the capital self-assessment process (ICAAP). For this, the business evolution and capital needs are planned under a central scenario and alternative stress scenarios. The Group is assured in this planning of maintaining its solvency objectives even in adverse scenarios.

The economic capital metrics also enable risk-return objectives to be assessed, setting the prices of operations on the basis of risk, evaluating the economic viability of projects, units and lines of business, with the overriding objective of maximising the generation of shareholder value.

As a homogeneous measurement of risk, economic capital can be used to explain the risk distribution throughout the Group, putting in a metric comparable activities and different types of risk.

The economic capital requirement at the end of December 2015 was EUR 71,671 million, EUR 20,706 million below the EUR 92,377 million available economic capital.

The table below sets out the available economic capital:

Million euros

Dec 15 Dec 14

Net capital and issue premiums 52,004 44,851

Reserves and retained profits 49,673 46,227

Valuation adjustments (15,448) (11,429)

Minority interests 6,148 4,131

Base economic capital available 92,377 83,780

Required economic capital 71,671 69,278

Excess Capital 20,706 14,502

The main difference with the regulatory CET1 comes from the treatment of goodwill and other intangibles, which we consider as one more requirement of capital instead of as a deduction from the available capital.

The distribution of economic capital needs by type of risk at the end of December 2015 is shown in the following chart:

Credit 26,893Goodwill 19,178Market 8,227Interest (ALM) 2,550Operational 3,233Business 3,226Material assets 1,838Other 6,527

TOTAL ECONOMIC CAPITAL 71,671

Credit38%

Goodwill27%

Market 11%

Interest (ALM)

4%

Operational4%

Business4%

Material assets3% Other

9%

Million euros

The table below sets out Grupo Santander’s distribution by types of risk and geographic area at the end of December 2015:

Grupo SantanderTotal requirements:

Cifras en millones de euros

Corporate centre Continental Europe

71,671

UK Latin America US25,503 19,265 8,159 10,840 7,904

Total risks: Total risks: Total risks: Total risks: Total risks:

Goodwill: 75% Credit: 54% Credit: 61% Credit: 58% Credit: 64% Market: 20% Market: 10% Structural (pensions): 15% Structural (interest): 10% Operational: 9% DTAs: 4% DTAs: 10% Operational: 9% DTAs: 9% Material assets: 7% Other: 1% Business: 7% Business: 7% Business: 8% Intangible assets: 6%

Other: 19% Other: 8% Other: 15% Business: 6% Other: 9%

287


2015 ANNUAL REPORT

The distribution of economic capital among the main business areas reflects the diversified nature of the Group’s business and risk. Continental Europe represents 42% of the capital, Latin America including Brazil 23%, the United Kingdom 18% and the United States 17%.

Outside the operating areas, the corporate centre assumes, principally, the risk from goodwill and the risk derived from the exposure to structural exchange rate risk (risk derived from maintaining stakes in subsidiaries abroad denominated in currencies other than the euro).

The benefit of diversification contemplated in the economic capital model, including both the intra-risk diversification (equivalent to geographic) as well as inter-risks amounted to approximately 30%.

Return on risk adjusted capital (RORAC) and creation of valueGrupo Santander has been using RORAC methodology in its credit risk management since 1993 in order to:

• Calculate the consumption of economic capital and the return on it of the Group’s business units, as well as segments, portfolios and customers, in order to facilitate optimum assigning of economic capital.

• Measurement of the Group units’ management, using budgetary tracking of capital consumption and RORAC.

• Analyse and set prices in the decision-taking process for operations (admission) and clients (monitoring).

RORAC methodology enables one to compare, on a like-for- like basis, the return on operations, customers, portfolios and businesses, identifying those that obtain a risk- adjusted return higher than the cost of the Group’s capital, aligning risk and business management with the intention of maximising the creation of value, the ultimate aim of the Group’s senior management.

The Group regularly assesses the level and evolution of value creation (VC) and the risk-adjusted return (RORAC) of its main business units. The VC is the profit generated above the cost of the economic capital (EC) employed, and is calculated as follows:

Value creation =profit – (average EC x cost of capital).

The profit used is obtained by making the necessary adjustments to the accounting profit so as to extract just the recurrent profit that each unit generates in the year of its activity.

The minimum return on capital that an operation must attain is determined by the cost of capital, which is the minimum required by shareholders. It is calculated objectively by adding to the free return of risk the premium that shareholders demand to invest in our Group. This premium depends essentially on the degree of volatility in the price of the Banco Santander share in relation to the market’s performance. The Group’s cost of capital for 2015 was 9.31% (vs. 11.59% the previous year, in which there was greater market volatility).

The Group’s internal management includes an annual revision of the cost of capital and also an estimated cost of capital for each business unit, taking into account the specific features of each

market, under the philosophy of subsidiaries autonomous in capital and liquidity, in order to assess if each business is capable of generating value individually.

A positive return from an operation or portfolio means it is contributing to the Group’s profits, but it is only creating shareholder value when that return exceeds the cost of capital.

The performance of the business units in 2015 in value creation varied. The Group’s results, and thus the RORAC figures and value creation, are conditioned by the different evolution of the economic cycle in the Group’s units.

The creation of value and the RORAC for the Group’s main business areas at December 2015 are shown below:

Dec 15 Dec 14

Value Value Main segments RORAC creation RORAC creation

Continental Europe 13.9% 883 13.6% 358

UK 22.5% 1,065 20.4% 634

Latin America 33.8% 2,746 29.7% 2,401

US 13.4% 308 19.5% 412

Total business units 20.2% 5,001 20.4% 3,805

D.8.5. Planning of capital and stress exercisesStress tests on capital have become particularly important as a dynamic evaluation tool of the risks and solvency of banks. A new model of evaluation, based on a dynamic (forward-looking) approach, is becoming a key element for analysing the solvency of banks.

It is a forward-looking assessment, based on macroeconomic as well as idiosyncratic scenarios of little probability but plausible. It is necessary to have for it robust planning models, capable of transferring the impact defined in projected scenarios to the different elements that influence the bank’s solvency.

The ultimate objective of the stress exercises is to carry out a full assessment of the risks and solvency of banks, which enables possible capital requirements to be calculated in the event that they are needed because of banks’ failure to meet the capital objectives set, both regulatory and internal.

Internally, Grupo Santander has defined a process of stress and capital planning not only to respond to the various regulatory exercises, but also as a key tool integrated in the Bank’s management and strategy.

The goal of the internal process of stress and capital planning is to ensure sufficient current and future capital, including for adverse though plausible economic scenarios. Starting from the Group’s initial situation (defined by its financial statements, capital base, risk parameters and regulatory ratios), the envisaged results are estimated for different business environments (including severe recessions as well as ‘normal’ macroeconomic situations), and the Group’s solvency ratios are obtained for a period usually of three years.

288


2015 ANNUAL REPORT

This process provides a comprehensive view of the Group’s capital for the time frame analysed and in each of the scenarios defined. It incorporates the metrics of regulatory capital, economic capital and available capital.

The structure of the process is shown below:

1

2

3

4

5

Macroeconomic scenarios

Projection of the balance sheet and income statement

Projection of capital requirements

Solvency analysis

Action plan

Central and of recession Idiosyncratic: based on specific risks Multiannual time frame

Projection of volumes. Business strategy Spreads and cost of funding Commissions and operating costs Market shocks and operational losses Credit losses and provisions. PD and LGD PIT models

Consistent with the projected balance sheet Risk parameters (PD, LGD and EaD)

Capital base available. Profit and dividends Impact of regulations and regulatory requirements Capital and solvency ratios Compliance with capital objectives

In the event of not meeting objectives or regulatory requirements

The structure facilitates achieving the ultimate objective which is capital planning, by turning it into an element of strategic importance for the Group which:

• Ensures the solvency of current and future capital, including in adverse economic scenarios.

• Enables comprehensive management of capital and incorporates an analysis of the specific impacts, facilitating their integration into the Group’s strategic planning.

• Enables a more efficient use of capital.

• Supports the design of the Group’s capital management strategy.

• Facilitates communication with the market and supervisors.

In addition, the whole process is developed with the maximum involvement of senior management and its close supervision, as well as under a framework that ensures that the governance is the suitable one and that all elements that configure it are subject to adequate levels of challenge, review and analysis.

One of the key elements in capital planning and stress analysis exercises, due to its particular importance in forecasting the income statement under defined stress scenarios, consists of calculating the provisions needed under these scenarios, mainly those to cover losses in the credit portfolio. Specifically, to calculate credit portfolio loan loss provisions, Grupo Santander uses a methodology that ensures that at all times there is a level of provisions that covers all the projected credit losses for its internal models of expected loss, based on the parameters of Exposure at Default (EaD), Probability of Default (PD) and Loss Given Default (LGD).

This methodology is widely accepted and it similar to that used in previous stress exercises (for example, the EBA stress exercises in 2011 and 2014 or the health check on the Spanish banking sector in 2012).

Lastly, the capital planning and stress analysis process culminates with analysis of solvency under the various scenarios designed and over a defined time frame, in order to assess the sufficiency of capital and ensure the Group fulfils both the capital objectives defined internally as well as all the regulatory requirements.

289


2015 ANNUAL REPORT

Quantification of capital sufficiency

Initial capital base

++

Retained earnings 1

Changes in regulations 21 Dividend

policies

Final capital base 2 Regulatory changes arising from Basel III that may modify both the capital

Stress capital requirements base and the requirements

+ Changes in regulations 2

Final capital requirements

As already mentioned, as well as the regulatory exercises of stress, Grupo Santander annually conducts since 2008 internal exercises of resilience within its self-assessment process of capital (Pillar II). All of them showed, in the same way, Grupo Santander’s capacity to face the most difficult scenarios, both globally as well as in the main countries in which it operates.

In the event of not meeting the capital objectives set, an action plan will be prepared which envisages the measures needed to be able to attain the desired minimum capital. These measures are analysed and quantified as part of the internal exercises, although it is not necessary to put them into force as Santander exceeds the minimum capital thresholds.

This internal process of stress and capital planning is conducted in a transversal way throughout Grupo Santander, not only at the consolidated level, but also locally in the Group’s units as they use the process of stress and capital planning as an internal management tool and to respond to their local regulatory requirements.

Throughout the recent economic crisis, Grupo Santander was submitted to five stress tests which demonstrated its strength and solvency in the most extreme and severe macroeconomic scenarios. All of them, thanks mainly to the business model and geographic diversification in the Group, showed that Banco Santander will continue to generate profits for its shareholders and comply with the most demanding regulatory requirements.

In the first (CEBS 2010), the Group was the entity with a low impact on its solvency ratio, except for those banks that benefited from not distributing a dividend. In the second, carried out by the EBA in 2011, Santander was not only among the small group of banks that improved their solvency in the stress scenario, but also the bank with the highest profits.

In the stress exercises conducted by Oliver Wyman on Spanish banks in 2012 (top-down and then bottom-up), Banco Santander again showed its strength to give with full solvency the most extreme economic scenarios. It was the only bank that improved its core capital ratio, with a surplus of more than EUR 25,000 million over the minimum requirement.

Lastly, in the recent stress test carried out in 2014 by the European Central Bank, in conjunction with the European Banking Authority, Grupo Santander was the bank with the smallest impact from the adverse scenario among its international peers (EUR 20,000 million capital surplus above the minimum requirement). These results show, once again, that Grupo Santander’s business model enables it to face with greater robustness the most severe international crises.

290

Appendix: Edtf transparency5. Risk management report

2015 ANNUAL REPORT

EXECUTIVE SUMMARYA. PILLARS OF THE RISK FUNCTIONB. RISK CONTROL AND MANAGEMENT MODEL C. BACKGROUND AND UPCOMING CHALLENGESD. RISK PROFILEAPPENDIX: EDTF TRANSPARENCY

Appendix: EDTF transparencyBanco Santander has traditionally maintained a clear commitment to transparency. By virtue of this transparency, it has played an active role in the Enchanced Disclosure Task Force (EDTF) promoted by the Financial Stability Board (FSB) in order to improve the quality and comparability of the risk information that banks provide to the market. Several studies have analysed the degree of adoption of

the 32 recommendations formulated by the EDTF in October 2012, in which Santander stands out as one of the banks that is leading globally the practical application of this initiative.

The table below sets out where the EDTF recommendations can be found in the information published by Grupo Santander.

EDTF recommendations Annual report*

Audit report and annual accounts * IRP (Pillar III) *

General

1 Index with risk information Executive summary Appendix V; Appendix VI; 3.4

2 Terminology and risk measures B.1.; D.1.5.; D.2.1.-D.2.4.; D.3.2.

Notes 54b, 54c, 54d, 54e Appendix IV

3 Top and emerging risk C 5.2; 5.3.7

4 New regulatory ratios and compliance plans D.1.; D.3.; D.8. Notes 54c, 54e, 54j 1; 4.6.3.2- 6.5.3.3

Risk governance and risk management and business model

5 Organisation of risk management, processes and functions B; D.3.2. Notes 54b, 54e 5; 4.2; 4.3; 4.46 Risk culture and internal measures A; B.4. Notes 54a, 54b 57 Business model risks, risk management and appetite B; D.8. Notes 54b, 54j 5.1; 5.3; 11.8;

8 Stress test uses and processB.3.1.-B.3.3.; D.1.5.; D.2.2.-D.2.3.; D.3.2.; D.8.4.

Notes 54b, 54c, 54d, 54e, 54j 4.7.1

Capital adequacy and risk-weighted assets

9 Minimum capital requirements (Pillar I) D.8. Note 54j Executive summary; 4.6.1: 4.6.3; 4.6.4

10 Composition of regulatory capital and reconciliation to the balance sheet

3.6; 4.6.1Anexo III.a y III.c

11 Flow statement of movements in regulatory capital 4.6; 4.6.1; Appendix III.b; Appendix III.c

12 Capital planning D.8.4. Note 54j 4.7.113 Business activities and RWAs D.8. Note 54j 4.6.314 Capital requirements by method of calculation and portfolio 4.6; 4.6.3;6.415 Credit risk by Basel portfolios 4.6.3.1.1; 6.2-6.4

16 RWA flow statement by type of risk Executive summary; 4.6.3.1; 4.6.3.3; 4.6.3.4

17 Backtesting of models (Pillar III) 6.7; 6.9; 8.2.5Liquidity 18 Liquidity needs, management and liquidity reserve D.3.2.; D.3.3. Note 54e 9

Funding

19 Encumbered and unencumbered assets D.3.3. Note 54e 9.3.2 (IV.)

20 Contractual maturities of assets, liabilities and off-balance sheet balances D.3.3. Note 54e -

21 Funding plan D.3.3.; D.3.4 Note 54e 9.3

Market risk

22 Balance sheet reconciliation to trading and non-trading positions D.2.2. Note 54d - 23 Significant market risk factors D.2.1.-D.2.3. Note 54d 8.1; 8.224 Market risk measurement model limitations D.2.2. Note 54d 8.2; 8.2.6

25 Management techniques for measuring and assessing the risk of loss D.2.2. Note 54d 8.2.1; 8.2.2; 8.2.3; 8.2.4; 8.2.5

Credit risk

26 Credit risk profile and reconciliation to balance sheet items D.1.2. Note 54c 6.2

27 Policies for impaired or non-performing loans and forbearance portfolio D.1.2. Note 54c -

28 Conciliation of non-performing loans and provisions D.1.2. Note 54c 6.229 Counterparty risk resulting from derivative transactions D.1.4. Note 54c 6.1030 Credit risk mitigation D.1.5. Note 54c 6.11

Other risks31 Other risks D.4.; D.6.; D.7. Notes 54f, 54h, 54i 10; 11; 1232 Discussion of risk events in the public domain D.5. Note 54g 11

IFRS 9

The recommendations regarding the adoption of IFRS 9 which transversally affect the various EDTF recommendations can be consulted in table 1 (pg. 194-196) which outlines the proposed model and the implementation strategy as well as the regulatory and complementary guidelines

C (Table 1)

* The location refers to chapters or sections of this Annual report. In the case of capital recommendations and risk-weighted assets, they also refer to sections of the information of Prudential Relevance (Pillar III). In addition, the navigation map has the cross-references of the information published by the Group (Annual report, Pillar III, Auditor’s report and annual consolidated accounts).

reportsantanderannualreport.com/2017/sites/default/files/... · 2019-02-20 · 176 executive...

Documents